urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Submission: On September 29 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 7 countries across 65 domains to perform 350 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 601985.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 142.251.12.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
3 64.120.88.131 133752 (LEASEWEB-...)
21 172.67.72.16 13335 (CLOUDFLAR...)
53 142.251.12.154 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
11 172.217.194.154 15169 (GOOGLE)
12 142.251.10.154 15169 (GOOGLE)
1 74.125.130.94 15169 (GOOGLE)
2 74.125.130.97 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
3 216.239.38.178 15169 (GOOGLE)
2 142.250.66.227 15169 (GOOGLE)
2 142.250.4.155 15169 (GOOGLE)
3 142.251.12.155 15169 (GOOGLE)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
30 172.217.194.132 15169 (GOOGLE)
8 27 74.125.24.154 15169 (GOOGLE)
2 103.229.10.192 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
3 52.196.248.191 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 145.40.89.200 54825 (PACKET)
1 4 139.99.49.250 16276 (OVH)
1 44.230.111.82 16509 (AMAZON-02)
1 23.207.37.41 16625 (AKAMAI-AS)
1 54.169.199.37 16509 (AMAZON-02)
1 35.213.124.31 15169 (GOOGLE)
6 12 104.18.19.126 13335 (CLOUDFLAR...)
8 35.244.159.8 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
2 6 104.254.148.251 29990 (ASN-APPNEX)
18 182.161.73.129 55569 (CRITEO-AS...)
2 182.161.73.132 55569 (CRITEO-AS...)
2 69.174.120.107 3257 (GTT-BACKB...)
3 182.161.73.142 55569 (CRITEO-AS...)
1 13.33.33.78 16509 (AMAZON-02)
9 142.251.10.148 15169 (GOOGLE)
1 9 172.217.194.105 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.58 16509 (AMAZON-02)
4 182.161.73.136 55569 (CRITEO-AS...)
2 3 35.213.12.39 ()
4 4 185.84.60.30 ()
1 1 52.2.255.108 ()
1 1 174.137.133.49 ()
1 1 18.179.72.109 ()
4 5 35.71.131.137 16509 (AMAZON-02)
2 2 124.146.215.51 ()
1 124.146.153.150 ()
1 202.233.84.1 ()
1 1 35.227.252.103 15169 (GOOGLE)
1 1 52.220.40.119 16509 (AMAZON-02)
1 151.101.193.108 ()
1 23.75.85.227 ()
1 23.207.36.240 ()
1 2 35.71.178.8 ()
1 23.207.36.20 ()
1 52.74.13.196 ()
350 59
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com
b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
21    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
53    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
11    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
securepubads.g.doubleclick.net
12    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com
adservice.google.com.au
googleads4.g.doubleclick.net
1    74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net
d-20007048061093706366.ampproject.net
2    74.125.130.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f97.1e100.net
www.googletagmanager.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.66.227 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net
csi.gstatic.com
2    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
partner.googleadservices.com
3    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com.au
2    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
2    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
30    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
27    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.86.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
3    52.196.248.191 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-248-191.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    44.230.111.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-111-82.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    23.207.37.41 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-41.deploy.static.akamaitechnologies.com
a.teads.tv
1    54.169.199.37 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-199-37.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    35.213.124.31 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 31.124.213.35.bc.googleusercontent.com
grid.bidswitch.net
12    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
6    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
18    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    69.174.120.107 (Avondale, United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
3    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    13.33.33.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-78.sin2.r.cloudfront.net
rules.quantcount.com
9    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
s0.2mdn.net
9    172.217.194.105 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f105.1e100.net
www.google.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-58.sin2.r.cloudfront.net
pxl.qccerttest.com
4    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
3    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
4    185.84.60.30 (None, )

ASN- ()
c1.adform.net
1    52.2.255.108 (None, )

ASN- ()
sync.srv.stackadapt.com
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
1    18.179.72.109 (None, )

ASN- ()
google.dap.fw-ad.jp
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    124.146.215.51 (None, )

ASN- ()
tg.socdm.com
1    124.146.153.150 (None, )

ASN- ()
gdn.socdm.com
1    202.233.84.1 (None, )

ASN- ()
aid.send.microad.jp
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    52.220.40.119 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    151.101.193.108 (None, )

ASN- ()
acdn.adnxs.com
1    23.75.85.227 (None, )

ASN- ()
eus.rubiconproject.com
1    23.207.36.240 (None, )

ASN- ()
js-sec.indexww.com
2    35.71.178.8 (None, )

ASN- ()
eb2.3lift.com
1    23.207.36.20 (None, )

ASN- ()
contextual.media.net
1    52.74.13.196 (None, )

ASN- ()
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
78 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com
b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
735 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299
586 KB
22 bg3.co
www.bg3.co — Cisco Umbrella Rank: 601985
static.bg3.co
257 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
csm.as.criteo.net — Cisco Umbrella Rank: 17270
244 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
5 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
326 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 14921
e3.adpushup.com — Cisco Umbrella Rank: 16219
aplogger.adpushup.com — Cisco Umbrella Rank: 15729
217 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 481
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com Failed
8 KB
11 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 23087
ads.as.criteo.com — Cisco Umbrella Rank: 17002
bidder.criteo.com — Cisco Umbrella Rank: 728
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17313
gum.criteo.com — Cisco Umbrella Rank: 402
dis.criteo.com Failed
39 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 268
394 KB
9 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13577
rtb.openx.net — Cisco Umbrella Rank: 1470
u.openx.net
us-u.openx.net
jp-u.openx.net
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com
31 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 32100
sync.aralego.com — Cisco Umbrella Rank: 2902
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
3 KB
5 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
fastlane.rubiconproject.com — Cisco Umbrella Rank: 465
eus.rubiconproject.com
pixel-eu.rubiconproject.com Failed
pixel.rubiconproject.com Failed
secure-assets.rubiconproject.com Failed
4 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 103730
1 KB
4 adform.net
c1.adform.net
cm.adform.net Failed
2 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 930
x.bidswitch.net
3 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
175 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9124
45 KB
3 socdm.com
tg.socdm.com
gdn.socdm.com
3 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
468 B
2 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 472
276 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1147
contextual.media.net
cs.media.net Failed
13 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 922
pixel.quantserve.com — Cisco Umbrella Rank: 417
11 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
1011 B
2 gstatic.com
csi.gstatic.com
381 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
75 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 663
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15435
11 KB
1 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com Failed
125 B
1 indexww.com
js-sec.indexww.com
2 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 538
398 B
1 microad.jp
aid.send.microad.jp
641 B
1 fw-ad.jp
google.dap.fw-ad.jp
568 B
1 adkernel.com
dsp.adkernel.com
594 B
1 stackadapt.com
sync.srv.stackadapt.com
745 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 993
548 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 861
680 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1254
360 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4130
518 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 925
864 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
2 KB
1 ampproject.net
d-20007048061093706366.ampproject.net
0 bing.com Failed
c.bing.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 1rx.io Failed
sync.1rx.io Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 pubmatic.com Failed
image8.pubmatic.com Failed
ads.pubmatic.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
0 rlcdn.com Failed
id.rlcdn.com Failed
0 smartadserver.com Failed
ssbsync-global.smartadserver.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 ladsp.com Failed
cr-p3.ladsp.com Failed
0 turn.com Failed
ad.turn.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
0 servenobid.com Failed
ads.servenobid.com Failed
public.servenobid.com Failed
350 65
Domain Requested by
43 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.bg3.co
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
30 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
23 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
contextual.media.net
eb2.3lift.com
21 static.bg3.co www.bg3.co
18 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
9 www.google.com 1 redirects tpc.googlesyndication.com
www.bg3.co
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
9 s0.2mdn.net static.criteo.net
www.bg3.co
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
s0.2mdn.net
6 ib.adnxs.com 2 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
contextual.media.net
6 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 match.adsrvr.org 4 redirects cdn.adpushup.com
eb2.3lift.com
5 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 c1.adform.net 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
4 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.adpushup.com
contextual.media.net
4 adpushup-d.openx.net cdn.adpushup.com
4 onetag-sys.com 1 redirects cdn.adpushup.com
onetag-sys.com
4 www.googletagservices.com googleads.g.doubleclick.net
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 x.bidswitch.net 2 redirects onetag-sys.com
contextual.media.net
eb2.3lift.com
3 c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 csm.as.criteo.net ads.as.criteo.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 us-u.openx.net u.openx.net
contextual.media.net
2 eb2.3lift.com 1 redirects cdn.adpushup.com
eb2.3lift.com
2 tg.socdm.com 2 redirects
2 aplogger.adpushup.com cdn.adpushup.com
2 tps.doubleverify.com ads.as.criteo.com
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 htlb.casalemedia.com cdn.adpushup.com
2 ads.as.criteo.com googleads.g.doubleclick.net
2 rtb.jp2.as.criteo.com www.bg3.co
2 partner.googleadservices.com pagead2.googlesyndication.com
2 csi.gstatic.com cdn.ampproject.org
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 ups.analytics.yahoo.com onetag-sys.com
1 jp-u.openx.net u.openx.net
1 contextual.media.net cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
1 acdn.adnxs.com cdn.adpushup.com
1 match.sharethrough.com 1 redirects
1 rtb.openx.net 1 redirects
1 aid.send.microad.jp c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
1 gdn.socdm.com
1 google.dap.fw-ad.jp 1 redirects
1 dsp.adkernel.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-20007048061093706366.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 ssum-sec.casalemedia.com Failed js-sec.indexww.com
0 c.bing.com Failed eb2.3lift.com
0 pr-bh.ybp.yahoo.com Failed eb2.3lift.com
0 px.ads.linkedin.com Failed eb2.3lift.com
0 cs.media.net Failed contextual.media.net
0 cs.emxdgt.com Failed contextual.media.net
0 rtb.mfadsrvr.com Failed contextual.media.net
0 b1sync.zemanta.com Failed contextual.media.net
eb2.3lift.com
0 dis.criteo.com Failed contextual.media.net
0 pm.w55c.net Failed contextual.media.net
0 sync.1rx.io Failed contextual.media.net
0 ads.pubmatic.com Failed contextual.media.net
0 p.rfihub.com Failed contextual.media.net
0 secure-assets.rubiconproject.com Failed contextual.media.net
0 image8.pubmatic.com Failed onetag-sys.com
0 s.amazon-adsystem.com Failed onetag-sys.com
eb2.3lift.com
0 id.rlcdn.com Failed onetag-sys.com
0 ssbsync-global.smartadserver.com Failed onetag-sys.com
0 pixel.rubiconproject.com Failed onetag-sys.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 sync.mathtag.com Failed onetag-sys.com
0 cr-p3.ladsp.com Failed u.openx.net
0 ad.turn.com Failed u.openx.net
0 cm.adform.net Failed
0 public.servenobid.com Failed cdn.adpushup.com
0 pixel.tapad.com Failed
0 id5-sync.com Failed
0 ad.atdmt.com Failed c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
0 ads.servenobid.com Failed cdn.adpushup.com
350 105

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2021-11-08 -
2022-12-09		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2021-10-06 -
2022-11-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh

This page contains 50 frames:

Primary Page: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Frame ID: 0977D9C16C3D6BD8DE15BACE8833DA33
Requests: 108 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F5D807C56D55C0DD2F7363208BBCE0F4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 99A20EF4DE222236471A0397A70AE6A4
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A0F47B637497151479641E6BE7B8722F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 9E31B532B5400306C23E125B2EDFD417
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38571042042221827304&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3009&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=93004719&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&ga_hid=4719&dt=1664487475614&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&bdt=2222&dtd=484&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 8960E2CC2E5F44FC012C97B0295A31E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Frame ID: 805CE72E61846D974D39C0322DC98D52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
Frame ID: C324CD6BE602E98F7700A0D07499574E
Requests: 1 HTTP requests in this frame

Frame: https://fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8FBFA5D9C058F9F487523D06FA6B0615
Requests: 1 HTTP requests in this frame

Frame: https://b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BCF8156D91D6411B2DEC4D9340D55D63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CMmnfNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPEBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbq-ZX5SvAsokc0Dn9YLR-us0Xs0n_CVesgxQ8TrHqJeReIapKRcRoAGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=mlgdb4DiMu4&uach_m=[UACH]&cid=CAQSGwCsnQUx2FGmHQ0LuDxvE7JGbhnnMrWNHPJ9xhgBIBM
Frame ID: ACC43FF60CEED52C3B7BA586E0293DC3
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 69066F1FCBB6220484BB977FD8B82A29
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjqMMNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE9wFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dr-LOTxTO9l7KsCi04LJEvOEct5br9bCMbNFxp2fa1U1cKOSF60ugAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=QbMUbqzQCNU&uach_m=[UACH]&cid=CAQSGwCsnQUxcxZStLoazqhLfjlKR2gkb8ijZ3GOpRgBIBM
Frame ID: F29ABD7D12594FFBE8C015D505DEA1E8
Requests: 6 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: A1DEB9CC9E0130B27114BC68A567A182
Requests: 10 HTTP requests in this frame

Frame: https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/index.html
Frame ID: 6C24EB391CB3136C17717AB8C51532D1
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/index.html
Frame ID: 0ED41D4F8D24F05EA922E2764B84D4DA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 229238D958D513E36463ABC4BD81BBCC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6010C1D3AB75036226983BDABFE4E29
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAEF20E6321B37A92F8CA4598DC8EC0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED93ED1E2CADEEF02317AAA31A5CC6BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3E4ED86BDB59906B6C650A21D98603D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08FE6F51C94D0E7D29223E18C5B0B29D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28D6CEB864DC17E0F915426EBBF92764
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 781E06B627CEB8C19766B109619330BC
Requests: 2 HTTP requests in this frame

Frame: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9C76CCA2927C1AED7B450CDE3F4D684
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 679E39D85C2EF187B653D2666144ABC7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 945277FE6B3022E31E5067EE26295FD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABE91CCE0AF759BE662B3B825875BFC0
Requests: 2 HTTP requests in this frame

Frame: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA4E7DCF6CC07AF642D38FD49679478C
Requests: 17 HTTP requests in this frame

Frame: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B075890212314AA7B70606E76A9B807
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 71D8D7C5540B5D1F7D9B2A265AED1C3B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaQFRDwq4vjAhjmgenTATAB&v=APEucNUU3bcifqyDS1ARSe4N29jLNNxolADguWN2BAo1mnuSZoOjFpCIFzaHKdDdSxreGjfWFs5Hp7NSki-nSqdLudSLu_MVVA
Frame ID: C295437750C0735DA24AC2E671A9E9B1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaXShCmkVwYoPWmxwEwAQ&v=APEucNWmFSPmDNKEZ-32PJdCXmVrujTO8D_8aOrAyy36y-1c8IgDREGiMz6VmqMQmTePib39VfIlTwE3x9dIJ3_VAxx49IO-dA
Frame ID: 7BA602C6A3D50E2B355F2ABB7C3A0E11
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B377FE0336485AF54A2D1D52FC07FD28
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8F5D54F16CD0421E7650DF1F4DA7512C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F0466999B6545001B12DC777049FA86
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66CA38A289C3128831F3DCF20A0062B1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
Frame ID: A4B385858059DB740B773774326DF949
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664487478321
Frame ID: FA265DD9FEB6A3766E00918CA41FF7B8
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2933322E08DEAC9DD2540A6C7DF80611
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E5643956F0022E679E0EB488C6BAC514
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 109E7003850471625CE4A34E9A08BD6D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B43490D7F30CA7EA88E10A5902979E7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2F82A0D6066C26FDCFC7B1101E3285EF
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CA603FD8A103319AF2EF9022709131FD
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 22DB2B2EBC9C8A07D0E8A913705E52CD
Requests: 13 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Frame ID: CB55CA6A2B6B675F0DCE374BEE106388
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Drkt%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D%7Buserid%7D
Frame ID: B5B99C6AD31B880D60DE24E455D78D82
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Dpba%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3DPM_UID
Frame ID: 519FB94031CE45274696032FBB659834
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EB6C0EB384F239E85F32EBF13E30B54F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

廣西火山島遊人如織 海蝕火山岩風光綺麗 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

350
Requests

79 %
HTTPS

0 %
IPv6

65
Domains

105
Subdomains

59
IPs

7
Countries

3249 kB
Transfer

8384 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 234
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
Request Chain 236
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzYQOvAjeHoupuwii0iPyQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
Request Chain 237
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
Request Chain 238
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
Request Chain 240
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzYQOhMXOyqi1ecU1Or4HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
Request Chain 242
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
Request Chain 260
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNUJAfmFW3PLFPt6jzAJMiGEm14-geuQ-iWlZpWK1Tsk_jH0MOP9n0G3fE2NW1I_ENlUU HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNUJAfmFW3PLFPt6jzAJMiGEm14-geuQ-iWlZpWK1Tsk_jH0MOP9n0G3fE2NW1I_ENlUU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNUJAfmFW3PLFPt6jzAJMiGEm14-geuQ-iWlZpWK1Tsk_jH0MOP9n0G3fE2NW1I_ENlUU&google_hm=skwh2ByUSGKlAwwNwMFemg==
Request Chain 261
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs_DZctJPXglCs5fJvw9yUaKeU0B9bL6svKGnwFlCwTVL8W3Cfozihq6XeqnQzKdFuS4h8wtC9wNHPc HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs_DZctJPXglCs5fJvw9yUaKeU0B9bL6svKGnwFlCwTVL8W3Cfozihq6XeqnQzKdFuS4h8wtC9wNHPc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIzODM2NTUwMzU2ODAyMDE4OQ&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs_DZctJPXglCs5fJvw9yUaKeU0B9bL6svKGnwFlCwTVL8W3Cfozihq6XeqnQzKdFuS4h8wtC9wNHPc
Request Chain 262
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE-LhtYaTKqVV_bgPjhLL5E&google_cver=1&google_push=AZmPxg-VGa2JNJFtl5Pq9u_MYJe7-5_yvp6qWj7CYGjYJ9PCpy-AvA3CzvWwGNy_pO2vbO2QIUCTrcNIPwzyrdC8zGIYvUKScGFmqrHyHfW9CjNtFXurOrYOUizXqJCgzL9Lvx3h6LFcZT3sA-GgzmzYWDM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ap3zJ-U_T9tKze5X5km0EWfR_hE&google_push=AZmPxg-VGa2JNJFtl5Pq9u_MYJe7-5_yvp6qWj7CYGjYJ9PCpy-AvA3CzvWwGNy_pO2vbO2QIUCTrcNIPwzyrdC8zGIYvUKScGFmqrHyHfW9CjNtFXurOrYOUizXqJCgzL9Lvx3h6LFcZT3sA-GgzmzYWDM
Request Chain 263
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ02JMuz9roZUC8jSA3xhY4&google_cver=1&google_push=AZmPxg8v2n5Wf-jXw0WLMp3CVJ0BJEm842jC5laM5NZKpojaIF2zXmndgtm01iIJ2HcgPccbg-gJQ_MzMyCs55zC0GguSt8Oar-yaRr5EnR-XDE4YBt4x9BGafqv5Y4YO5JG1DBfZSCiR_hzPKaHrZTkVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc0MDk1NzI5MzA2MzU1NzE1NTM&google_push=AZmPxg8v2n5Wf-jXw0WLMp3CVJ0BJEm842jC5laM5NZKpojaIF2zXmndgtm01iIJ2HcgPccbg-gJQ_MzMyCs55zC0GguSt8Oar-yaRr5EnR-XDE4YBt4x9BGafqv5Y4YO5JG1DBfZSCiR_hzPKaHrZTkVA
Request Chain 264
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKmIzxc8i2CwT-T4HAzH0H4&google_cver=1&google_push=AZmPxg-So-8vTJfUhWMBj0--HI54nfDgQzjnWlNYLCeyhIPAXBbVlEMS-63yXzzHrEZaE3CJs6Fuu-89e_lJMH-3jMorVmn8_wrl7QbbpIME2K97xOT1BUibhT22AW2lqJ_DtdffripPqWbfHMDaZTOEA88 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svZNUMo_lm-bFRLiY-oRi9gKuhSik-eQ&google_push=AZmPxg-So-8vTJfUhWMBj0--HI54nfDgQzjnWlNYLCeyhIPAXBbVlEMS-63yXzzHrEZaE3CJs6Fuu-89e_lJMH-3jMorVmn8_wrl7QbbpIME2K97xOT1BUibhT22AW2lqJ_DtdffripPqWbfHMDaZTOEA88
Request Chain 265
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEChkNonPl93JqRWhjJc2VMc&google_cver=1&google_push=AZmPxg9_kZ-myah_LteT5Ph8jPiggBAnEdX_md5mNoqYdSUiVT2XXmyV9gku7fNu7cgY5_iDpg4ExgIBJDssTi4auZG_J9_Ys3ZK_tndQqRFgcdx6JAXEMtpN2SVUAizesjatHyvsTrRIXb6PkarHzbSSSU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9_kZ-myah_LteT5Ph8jPiggBAnEdX_md5mNoqYdSUiVT2XXmyV9gku7fNu7cgY5_iDpg4ExgIBJDssTi4auZG_J9_Ys3ZK_tndQqRFgcdx6JAXEMtpN2SVUAizesjatHyvsTrRIXb6PkarHzbSSSU&google_hm=ZTdmMGIwZDYtOGQyNi0zZmVjLTgxMzQtODU2NzEwNzYzNjli
Request Chain 266
  • https://sync.inmobi.com/gob?google_gid=CAESEBBpbQ9hujMXHfEsk_KD1Jc&google_cver=1&google_push=AZmPxg8PevrAJTCtpJYBFzyDsQFUPzOLNdr9JvJZlt2crPo-6LO5CyeK_MOBjQWViRnrMA9zKyxn4FVuu969Q98lcn8ZWgGhF3HvBCQ7abfQ3PdQJndjyvhyKaJLE4tkmanPNva6T2yl-iaFhYEMi7-cxNQg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg8PevrAJTCtpJYBFzyDsQFUPzOLNdr9JvJZlt2crPo-6LO5CyeK_MOBjQWViRnrMA9zKyxn4FVuu969Q98lcn8ZWgGhF3HvBCQ7abfQ3PdQJndjyvhyKaJLE4tkmanPNva6T2yl-iaFhYEMi7-cxNQg HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Request Chain 269
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHFLk0db-ZNbFyItZSwBiFc&google_cver=1&google_push=AZmPxg-J_eY3tQQI_r9W5gWRCRYhvkzYmnOpXZP5bhBGmDY_d8XTk7C5iUKuHSqAMLR4RWjh_XK32Eyt9910VtBD3h3oQIRNEIERRz5xSkkIFPyOpu4M2l2tNDvOdilVfotLnkM5Ld4mnhIuOC_DYnzSUg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHFLk0db-ZNbFyItZSwBiFc&google_cver=1&google_push=AZmPxg-J_eY3tQQI_r9W5gWRCRYhvkzYmnOpXZP5bhBGmDY_d8XTk7C5iUKuHSqAMLR4RWjh_XK32Eyt9910VtBD3h3oQIRNEIERRz5xSkkIFPyOpu4M2l2tNDvOdilVfotLnkM5Ld4mnhIuOC_DYnzSUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MmVjMTlhNTctNWUwYi00YTllLWEyM2QtNWQwODE0YzQ1NWUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
Request Chain 270
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1&google_push=AZmPxg960fprqwOHxe_Uil6mj4aB0sYUwDfXkLB5_tIYlgN7AmHI2I_Mrb_K4NGSD31y0WsKl7E4qCg2RHbBFj5ARI3i34KJWi2qU1EWb4mARMN33RurqppFm27B70T0BAcCoby02-v4ffY96BwFhp78HWQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXpZUU9zQ284WVFBQUVsVHZ5NEFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1
Request Chain 271
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg-nFxP9wkdXRzDPY85ukccBWqscmaQMPJCeP4-ulHtfllf_Lj_pTLcUykmPRBvZtWgXvwvds7bpA6ZZ3Iux9SFiIxJGJWF2ZzjC3vLdXDjVPYtH1IJodqnUkZCd4AXz4ZGKExBNnP8cfkqGjaa-FHE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg-nFxP9wkdXRzDPY85ukccBWqscmaQMPJCeP4-ulHtfllf_Lj_pTLcUykmPRBvZtWgXvwvds7bpA6ZZ3Iux9SFiIxJGJWF2ZzjC3vLdXDjVPYtH1IJodqnUkZCd4AXz4ZGKExBNnP8cfkqGjaa-FHE HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b24c21d8-1c94-4862-a503-0c0dc0c15e9a&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525897493458701898&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525897493458701898&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D
Request Chain 273
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2juM_wMUEh35-CIms8sjnfyKpM3eUCSItwciN12D8jJh0S3rvNHaoRJ5oLemToPbhKSAM9hLGI_omOY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2juM_wMUEh35-CIms8sjnfyKpM3eUCSItwciN12D8jJh0S3rvNHaoRJ5oLemToPbhKSAM9hLGI_omOY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5NzMzNTQwMTA4Njk3MzQ4OQ&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2juM_wMUEh35-CIms8sjnfyKpM3eUCSItwciN12D8jJh0S3rvNHaoRJ5oLemToPbhKSAM9hLGI_omOY
Request Chain 274
  • https://rtb.openx.net/sync/dds?google_gid=CAESELIu0_aNP8bD57GnjJgDWpU&google_cver=1&google_push=AZmPxg-ruWFqGbsz8ujus816t7QFafdpz_uFznIMUF_K70T46_ib0WckJ1gj4nkaESVdTdzxj8ffk-nF2Ar5Tf9KTRjFl9eS_qIj_Zq_ncQliZ_0UUicnW6EAvzbgyvCiDe5SmNuLY3Ln15d55JOeGQk22c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-ruWFqGbsz8ujus816t7QFafdpz_uFznIMUF_K70T46_ib0WckJ1gj4nkaESVdTdzxj8ffk-nF2Ar5Tf9KTRjFl9eS_qIj_Zq_ncQliZ_0UUicnW6EAvzbgyvCiDe5SmNuLY3Ln15d55JOeGQk22c&google_hm=svzCLR3qy-oSi-7LQOu_2g==
Request Chain 275
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEXIIfrnF4uw_SmcWofdoeM&google_cver=1&google_push=AZmPxg-7wrSE_ltDxQEoSZmlE8loj6BEdYaaWRHd77qnMwunEkGkVNm7LDq1EQpSAkeRuu5CNkoe0yXwA8dwl-6PvrVCkQVRbhUl8r8JJ-VYnn_lIEeHGycl0ARw2SDwi_ly0kL6W1fDAbNeylZYnf5x5Tk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmZmNzNkY2QtMThmMy00ZDk2LWIyMjctMjhhZWFjYzdjNDgx&google_push=AZmPxg-7wrSE_ltDxQEoSZmlE8loj6BEdYaaWRHd77qnMwunEkGkVNm7LDq1EQpSAkeRuu5CNkoe0yXwA8dwl-6PvrVCkQVRbhUl8r8JJ-VYnn_lIEeHGycl0ARw2SDwi_ly0kL6W1fDAbNeylZYnf5x5Tk0
Request Chain 301
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 303
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L8NKV9UL-11-8VHU&gdpr=0&us_privacy=1---
Request Chain 304
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=44995d8f-0ded-4e86-a0b7-fee033942bb3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=44995d8f-0ded-4e86-a0b7-fee033942bb3&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-lU41c_VE2uFDnroxAaXjMCkSEY5.tdZzitnhMkA-~A&gdpr=0&gdpr_consent=
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=44995d8f-0ded-4e86-a0b7-fee033942bb3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b24c21d8-1c94-4862-a503-0c0dc0c15e9a&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523716063242021849&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523716063242021849&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Request Chain 306
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D44995d8f-0ded-4e86-a0b7-fee033942bb3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4397%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D44995d8f-0ded-4e86-a0b7-fee033942bb3%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00NDk5NWQ4Zi0wZGVkLTRlODYtYTBiNy1mZWUwMzM5NDJiYjM%253D%26uid%3D%24UID
Request Chain 308
  • https://match.adsrvr.org/track/cmf/openx?oxid=6daa4811-b46c-72c4-f4ff-a27c93f28560&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&ttd_puid=6daa4811-b46c-72c4-f4ff-a27c93f28560&gdpr=0&gdpr_consent=
Request Chain 309
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzYQOsCo8YQAAElTvy4AAAAA
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4ReWFP9PXWoNjsImVN8GY&google_cver=1
Request Chain 317
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7576552041308880809
Request Chain 319
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svaljpBg0Zh7uPHy0dAdjnnUHP3UT6Mg
Request Chain 322
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4oQEmeERfXu8STZQZLRvZrT5cNo1qFcW1MtaNX_0JU
Request Chain 325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&gdpr=0&gdpr_consent=
Request Chain 341
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3

350 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
www.bg3.co/a/ 		47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ab9bc4008aead16838e97f0479b050e38c090578a268a6b9457981021f70a10d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Sep 2022 21:37:53 GMT
ETag
"ba92-7iwc1YyUiTXNM41SX95DUyA8u9E"
Expires
Thu, 29 Sep 2022 22:37:53 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Sep 2022 21:37:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72580
x-xss-protection
0
server
sffe
etag
"262efd4b6b76c562"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Sep 2022 21:37:53 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Sep 2022 21:37:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9655
x-xss-protection
0
server
sffe
etag
"8ff35979583bd4ad"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Sep 2022 21:37:53 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Sep 2022 21:37:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"d4da8c7cd0fe74c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Sep 2022 21:37:53 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Sep 2022 21:37:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"ca421db8126f307e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Sep 2022 21:37:53 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5663
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEd4wEP7qEu9vXQ47Go8O8RY%2B7L%2B9H0BXfJGUMyw6FDiMzcPwx84E1200PHYxQ0n6txgt2HMF7dqnKQegtHLnrVJU2JMUb8wCtNA576lU3oxy664GVzu4Zm1Oy%2Btqxy4vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7527dcd99f955aa4-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:54 GMT
content-encoding
br
last-modified
Thu, 29 Sep 2022 07:00:24 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-length
9571
expires
Thu, 29 Sep 2022 22:37:54 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
d9b19ef4c68b85c93da5e0ca1196a1b66df7b607c24b57ded31335ab29227280

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:54 GMT
content-encoding
br
last-modified
Thu, 29 Sep 2022 19:17:27 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
x-cf-geodata
AU
content-length
105256
expires
Thu, 29 Sep 2022 22:37:54 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2256
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjRP3ZsGFTcJu8l5MwdJsqb7iQ%2B8Fgi8BMRLtV6KOQGEUsrHxQw%2FhtQjGXXofxOIKKeo%2F0ACiwFXp7MIPWwDG%2F3EDNu%2FJQYkp23dbnGo6Fc%2B8UobR6%2Bc69ms6KZSWj2Ttg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7527dcda48ab5aa4-MEL
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
a253a9822bcb217a9087aaaa4a7729b7d5bfb97194e1562be15a2121072a8e54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:37:54 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
a253a9822bcb217a9087aaaa4a7729b7d5bfb97194e1562be15a2121072a8e54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:37:54 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.16364893016801685&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:37:54 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.17557020758497166&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:37:54 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
0360bed100b3a6271a97f6bf613119e2.jpg
static.bg3.co/imgs/202209/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202209/0360bed100b3a6271a97f6bf613119e2.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf8304b05657563c0301cd1acaf4e38eec9ba99e3796e54fe852cc6cc2606b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 06:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0360BED100B3A6271A97F6BF613119E2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2MqQX4PyXGBo138cuLmMZ%2B95dcZ3JNFZ%2BA3KVvM8H1EAPvvMFYJZQE%2BY2rZpjdGS1naBJMKS8%2FO%2F89vctGjpdYBuThVwCRQbHz%2BF83WYmOphykFsFx2KQRdZ4AtKSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccef317d0-MEL
content-length
43601
expires
Thu, 06 Oct 2022 21:37:55 GMT
56234076c70f82195ec366f019569097.jpg
static.bg3.co/imgs/202209/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202209/56234076c70f82195ec366f019569097.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87e88d636eedbb1732cb8dee8a245c70b5bfdff8447754976b3e5bf41c0640e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 06:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"56234076C70F82195EC366F019569097"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCIEgEuYnejQpbRlJa8NbPwLWbT9x32oWPZbFsJMFfNP5nhddZHmnbSUK2rKAa%2BaIm7l%2BKgFN8V%2FvBW8f%2FvRs2lv9%2BEEasFHFYFsP8KuQ1gqQOBv3qGtSPNlHORXaJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccef417d0-MEL
content-length
47116
expires
Thu, 06 Oct 2022 21:37:55 GMT
4d310acd82286d0bdd781d37af932146.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4d310acd82286d0bdd781d37af932146.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e84fa22928cbf7cc9d74c62a6e793cca5a1caf59746bcc0fdf589eba589a114

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 06:54:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4D310ACD82286D0BDD781D37AF932146"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjdziK7hfe7JTe00U%2B3OwDW8qqJzW5UzyeF61RrvhcL357bHKDwHOeT8YItfgHWSD77uq7%2B3S24FHmCtl2JXW8Fj7%2FygDYraCIMXXoocW7nQpfanoWtGM0gnyoFxaMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccef517d0-MEL
content-length
6065
expires
Thu, 06 Oct 2022 21:37:55 GMT
b994800d3babf40ecd7fb1db283f7145.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b994800d3babf40ecd7fb1db283f7145.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9225b49f97bcab9a2c897b1241671d98ea2c7a3e2232dcb21797b4d26997be0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 04:19:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B994800D3BABF40ECD7FB1DB283F7145"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZMOzXBvMYAnuNUEckUl02hE2DgfXHCrDdcHSC4B6semxcJY%2F3DzKWXlgbXKWGew%2Fpfk%2F0GpY7S%2B4nwXWCBj46fRowYW7IjjVUFsN8Syer5uqdRTG5lAMHlT7Sj15PU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccef717d0-MEL
content-length
7428
expires
Thu, 06 Oct 2022 21:37:55 GMT
597218a3d5f0aea074ddb6f2e31b83fb.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/597218a3d5f0aea074ddb6f2e31b83fb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c9bbaabecce53b78baa6ae56fc0c4400bb85aa9d0e20c97135e393c60f6ce4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 19:39:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"597218A3D5F0AEA074DDB6F2E31B83FB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHiGLwwIVmtAsYMQZaA8eMlN5R5wRNYuc6KR%2Bsdn6mI%2F0v4VyFJynRNVHmnBhtJLMz6u6E6Q%2BPkw7ROCogyWgZrHucKTigBd1iGdNFBRED9sAif%2FYgttEnLDFfVuB%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccefa17d0-MEL
content-length
5810
expires
Thu, 06 Oct 2022 21:37:55 GMT
11c6f5fe84828f3a369479f9813a9bb3.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/11c6f5fe84828f3a369479f9813a9bb3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee961e81e187f26e1d2f61cb5c5be0b3b70e532cbb844b5d91d1ed1b809beee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 00:10:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"11C6F5FE84828F3A369479F9813A9BB3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1osSvIsWqKfxFw%2FyXGoHuGyL7wit2wBq5L%2B9tR7XB8P6YqSKXnRXhiJvSHyUXzO5C%2FusDt2Xh82ThpO8aNLTA%2Fv97DDG2Qp6fH4gZkpmJl4uB0AXlEdmhB10vU5Li4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccef917d0-MEL
content-length
7026
expires
Thu, 06 Oct 2022 21:37:55 GMT
4a4ac1eaabfbc871948dbda290d60bcc.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4a4ac1eaabfbc871948dbda290d60bcc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d03f22431ef5a5ac30ea28a95e15420a70b84ad8b1123b1a84356c55d4b747

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 22:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4A4AC1EAABFBC871948DBDA290D60BCC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpQ8Z9%2Bt5BUznmCyrNJsAJ9NAMCfjTxwBenOWuGq8Oe%2BUdnmb0J8AyXIek74D6HLKRXepaayKnFtl31oTgaKOMBVGqr1BWMnSQgiirYJMthuY7pqWw%2FkSHb2Wf3c%2F8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdcceef17d0-MEL
content-length
5460
expires
Thu, 06 Oct 2022 21:37:55 GMT
a6186a463602d3e70c745552d5a84303.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a6186a463602d3e70c745552d5a84303.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9074c976631ad867fe02029b46fa4ea30d7b46433a965f3f2aeeaa60d2f46084

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 04:19:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A6186A463602D3E70C745552D5A84303"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v58YnIRAtj9WLEeALhc8%2BbsJyovrZSMv1j5YBoR5zPNkh3vwS5j2PiQ0yOWH88%2B3QaJGqn8CUOCfEocb8%2BgWwJpi6yRNPCpI5xv675MaOVExqc3QW0BalE5zKkRnxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcdccef017d0-MEL
content-length
7768
expires
Thu, 06 Oct 2022 21:37:55 GMT
e33df7296ee0cbf534850e6db547bb4e.jpg
static.bg3.co/imgs/202209/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202209/e33df7296ee0cbf534850e6db547bb4e.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d931013fa15069a793bee14a65e3a9b8e4bce2adff28ae4905e62bf52b296d08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 06:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E33DF7296EE0CBF534850E6DB547BB4E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW6YcJw7XP9qB8XQ0l7xD9UVdwyVZmp8Q%2BxRWnWyBx3ye5xYLVeOcYDbFDFY8wg0tnpuIq3%2Fe25gHYoLck42I5dmOe1t3UVr13tRHnpbf9kG9AWotrLXoRnz7LFWLyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c217d0-MEL
content-length
39194
expires
Thu, 06 Oct 2022 21:37:55 GMT
a6ce5aa57b17b90933e6679a43ff2bce.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a6ce5aa57b17b90933e6679a43ff2bce.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bdee6f00b9a245c30a26fb278c242f91f2f5c074d47cd8d7dd22f8c6cbc5ecb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 11:30:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A6CE5AA57B17B90933E6679A43FF2BCE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj8HQTROHCVxyia2VX8W75UWOdOC8D8GwUb6DyKSkY9r1i1JnXXze9wE%2B%2FnFMTCNlK7wSrxlMm0L%2B42zah9C63N3nDnugZ7mPZkhDO6YZfdt%2BjBuGBbXnjbYSagimzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c317d0-MEL
content-length
3451
expires
Thu, 06 Oct 2022 21:37:55 GMT
35138ae6ee5c626928fee2ec2caaedd5.jpg
static.bg3.co/imgs/202201/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/35138ae6ee5c626928fee2ec2caaedd5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f72ee4a067838299be02176e75277e91c92bea87988e23404e084079b272664

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Jan 2022 03:30:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"35138AE6EE5C626928FEE2EC2CAAEDD5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIMsD%2Fta3JaFaPjqeYdHkpugBBtcQ4KL%2FqXpgb8Wb0yw9kNi1kOKkd9q5IkWmCF3F7FjOJIbS1H5jiDtlR61VmKaaSInmr5QV%2BfSI8F54C5eNhr9gP6AC%2FYQvNk4vVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c417d0-MEL
content-length
3409
expires
Thu, 06 Oct 2022 21:37:55 GMT
69f435bc3de7ea36d9217d4f821598dd.jpg
static.bg3.co/imgs/202111/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/69f435bc3de7ea36d9217d4f821598dd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b951c6f01c3f4d03e5cc99b8e1c4815314ec0f3855597b40697f9f14c1d7bc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Sun, 07 Nov 2021 02:05:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"69F435BC3DE7EA36D9217D4F821598DD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DcB8m3zMTIfrExFa%2BwwyE8Q6SimzExYQ23m8nc1nwyp9%2BxHx5PONfe1t%2FOFqI0er5G6ARnpqv%2F2jQGlRwI%2F%2Bp4xgUQgg2qpa8H9nR9Sf%2Fxv5VahVpZoiEPw7zf0kuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c517d0-MEL
content-length
6341
expires
Thu, 06 Oct 2022 21:37:55 GMT
f65b59352566cd9715c2b51456399049.jpg
static.bg3.co/imgs/202201/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/f65b59352566cd9715c2b51456399049.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff2214c2181bf22151fe76b4cf649a61de7465d3c197f8139516a9d1ee81667

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Jan 2022 17:44:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F65B59352566CD9715C2B51456399049"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nm1yMQJ9NLZ2NGezGbq68fHTRRLizcRTRQBjoK%2FMukQdW3ddIqAxXFFVZXsonFMHcqOYgexfzONuj9TAlN8rVFGhijHd37eneCOjwecvL%2Bx46BrpMq6tPhxPcgA3pM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c617d0-MEL
content-length
6584
expires
Thu, 06 Oct 2022 21:37:55 GMT
49191c2c4ee1a100904f5299a5bf8f10.jpg
static.bg3.co/imgs/202112/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/49191c2c4ee1a100904f5299a5bf8f10.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac093e7935d69e497236201bebb39dce3d42fed0ef8b88a0851936caf76dbf78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Dec 2021 07:43:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"49191C2C4EE1A100904F5299A5BF8F10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbUnpWGJ%2BN3XUYR9y9mmPgTtG8HebmUU6AuwwfBW15t1%2FFxKjDS51rWX6RQm62JuHyl4%2B78iQ230VFESMSSxLCQAmJgGp0E1aBe7yCP3s5nwbRU8HsIfyeZa5Bib2EM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c817d0-MEL
content-length
4318
expires
Thu, 06 Oct 2022 21:37:55 GMT
e9eb27fdf764e4d6d416e72c0efb070d.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e9eb27fdf764e4d6d416e72c0efb070d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469b5e0a744f809071294a40c665f29a42a73381490dbe10ca6eabc125567fb2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 15:09:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E9EB27FDF764E4D6D416E72C0EFB070D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maRolxwg%2B%2BjsTKavUKLx06qUzGemEz%2F1HDB6y9HkHC1a3MCNOuVACJ8Pxe4bGvrRufmcW%2FlMHqeCA6XlhSh7NYGGlzASs0dHP7M6hj2efUokCaY8BEO7bbImRu2JFWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58c917d0-MEL
content-length
8209
expires
Thu, 06 Oct 2022 21:37:55 GMT
38e71b74fc0edbfe0cb114ebcb72cde6.jpg
static.bg3.co/imgs/202107/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/38e71b74fc0edbfe0cb114ebcb72cde6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c21a3e4eda803a2a21503813c15a46e86a9ca59b235d25816b24905d0c92e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Jul 2021 07:41:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"38E71B74FC0EDBFE0CB114EBCB72CDE6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqHm1TwDbVEnVAFWSfs%2BxCLSXZSzXyHVzavsLQIIXc%2FWH07vDlApXcSuMfs0v7AA91bTLtVvbxybBz6zeB9hb%2BF5nV269Xb5XhO7Z2lUVa%2F2iXoGUYD%2FBeZzraybihE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58ca17d0-MEL
content-length
4023
expires
Thu, 06 Oct 2022 21:37:55 GMT
548b792e673e48e2e927d5f440870e65.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/548b792e673e48e2e927d5f440870e65.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb603093a2e8c87fd9955a9687191ef64f16b618e2501aef6de3c1f5dbf56cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 08:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"548B792E673E48E2E927D5F440870E65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3xcutW4JCbpcpXirwOm6CPXw59QkETG3fdm6Ly8ZPlo8tmwgJg379wRoQAm8siFrjgViVNipo%2BZzPPxVMpdO9U6GRTUXOYw1ylNirXh8h5vaZ59CMSzpXggrY1111k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58cb17d0-MEL
content-length
6310
expires
Thu, 06 Oct 2022 21:37:55 GMT
9e9cda7bd66b466abf8712ac53c00c25.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9e9cda7bd66b466abf8712ac53c00c25.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e916f381680f0ebdd3985f5731765c85407c3106ec564522c134e64b6b223ec5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 21:57:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9E9CDA7BD66B466ABF8712AC53C00C25"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxDX0qQFK8ZuJ2o6XzDNwmAbPJF%2Fjy0sM5%2FUiJcGCWDyPpozQKy75zX5%2BmxIA0nz8IhkRXYmPhyBLEWDmVn%2BmO0iZnFRSHMOfc7JGxlWkanFiwc38aOXb%2BNFnZxUpoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58ce17d0-MEL
content-length
5104
expires
Thu, 06 Oct 2022 21:37:55 GMT
c6c3e8f7a72c2fb1c84030085fde725c.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c6c3e8f7a72c2fb1c84030085fde725c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbf6825e0e585b05922d1c610bc18d7180b71affe23fe01edf234e8dd5a36db

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 06:13:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C6C3E8F7A72C2FB1C84030085FDE725C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwGKufwV2259%2FBPpdL4CT690vAZ6NL0DPkFz7fqMcW1RkmahJ4FxMaJ6%2BelwDylkN1SLxOkMiR2s%2B8XTPEm1fE%2F26A4GhpnLJXkHHeue8gzDChpGFPYpc%2FE7kqMavBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58cf17d0-MEL
content-length
6608
expires
Thu, 06 Oct 2022 21:37:55 GMT
be23844454d0d379ad4f8e6887ed27de.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/be23844454d0d379ad4f8e6887ed27de.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1442b31a9fefb0ad2e7737a2618c702cbb6c86bd364103a4b4126e832953e3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 03:32:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"BE23844454D0D379AD4F8E6887ED27DE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9PUkdlw7ysuQ%2BjQBNmyQOeDQTaPZ%2BlH%2F2IX1p7czBa1Da6Ne%2BeU2g5rDS6TLSjqeY6FHGbgKodV75r4FMxaPfIEOKezpb5Ivaji%2F0x%2FSHew8qMxATjTrBfBi%2B527i8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58d017d0-MEL
content-length
7478
expires
Thu, 06 Oct 2022 21:37:55 GMT
a18f4409f86865150141cc1039ef59f4.jpg
static.bg3.co/imgs/202106/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a18f4409f86865150141cc1039ef59f4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66b738895cdc64c71ff4f986fc01e49e0728d87049a176f2f74b30bf3a7c1ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 17:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A18F4409F86865150141CC1039EF59F4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd2gyQj%2FNQgURswLz4GO%2B9cHkhUeGltBT1Gk4E3undw1fwC8kjieWJHo5oInxQ10vxof9BUb%2Br5ryhtfetgw3Hcvz9ZAvDvkeHb1VNecEwvMszbrgMgu4sHY27HJYzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7527dcde58d117d0-MEL
content-length
10811
expires
Thu, 06 Oct 2022 21:37:55 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 17:32:03 GMT
age
187551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2994
x-xss-protection
0
server
sffe
etag
"ef33de73eae082fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 17:32:03 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 23:58:13 GMT
age
250781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23079
x-xss-protection
0
server
sffe
etag
"a56a470e0e255659"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 23:58:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
999 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
517c70d04c490d373559fc82e7d043cd9d6639f6607d4a098b3e86c1caefcc71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
550
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 17:31:58 GMT
age
187556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
etag
"b1ec7df2eb3636e4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 17:31:58 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1664487475.dop026.la3.t,1664487475.cds219.la3.hn,1664487475.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F5D8 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a3d45e54ebfce8c133a529d908e48b3af9ae46683e13edafd807731cd4edafc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40180
x-xss-protection
0
server
cafe
etag
2952305002264305322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 21:37:55 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 99A2 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
5f1a47066aa85e63d75098c4453749fc4a185a2dcb3f1631f038e55257dbb897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40176
x-xss-protection
0
server
cafe
etag
15155931969390333418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 21:37:55 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1664487475.dop026.la3.t,1664487475.cds219.la3.hn,1664487475.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 03:08:43 GMT
age
239352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10238
x-xss-protection
0
server
sffe
etag
"d9aacf1c86bf072e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 03:08:43 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A0F4 		714 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2312
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7527dcdf8dc15ab8-MEL
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 21:37:55 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rd12kCLsiWQh74ZLmyQqUynipqYUQWczBa8Vyyg00bbE3dMf1jGP0JAfGg8fD4mFyeLb9THFb0pYeXBGY8nuBJzwCbsSRNO4o24kL2AvddqBqJ%2FGpMI7jMcdlXHeDfXCNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:37:55 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 17:36:59 GMT
age
187256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57918
x-xss-protection
0
server
sffe
etag
"7c6c55ae06162656"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 17:36:59 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 9E31 		714 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2312
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7527dcdf8dcc5ab8-MEL
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 21:37:55 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGhUw1dUHGAD1kh60KgMxRjnl7cpt1xs4bBcXoa6iHcjEzhihBQW7fPd1CJy1r%2Bi6UwHS4xpGccQcE%2FwLFOP89Q8FGz5A8WBwPkNax9SHp81TeA4RltuUX0aZ4bJyJ7bnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A0F4 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
0f4c8b81f1d4ae7ac1b75a73516050fced14535c5ced088078b27d7528ed08a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27763
x-xss-protection
0
server
sffe
etag
"1349 / 568 of 1000 / last-modified: 1664449484"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Sep 2022 21:37:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9E31 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
48b324fcaaf59a205fbc675ada39c7f0a9c6d360824b367ac3afbe3eae9ec095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27757
x-xss-protection
0
server
sffe
etag
"1349 / 2 of 1000 / last-modified: 1664449484"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Sep 2022 21:37:55 GMT
gtag.json
cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Sep 2022 07:20:47 GMT
age
51428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"cc10be84565b445b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 29 Sep 2023 07:20:47 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-20007048061093706366.ampproject.net/2209072154000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-20007048061093706366.ampproject.net/2209072154000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ Frame F5D8 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9e1c718b2348895b07cfe690810bf4ce9afe3577ab7f023f4d04d95a628f4a3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125815
x-xss-protection
0
server
cafe
etag
224788815808969934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 21:37:56 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1664487475730
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:55 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Thu, 29 Sep 2022 22:37:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame 99A2 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
41d0df64699d28f8560adc3fddebefa9674313ae77cbad92d0f2481737433e88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125655
x-xss-protection
0
server
cafe
etag
15791310793263137124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 21:37:56 GMT
pubads_impl_2022092601.js
securepubads.g.doubleclick.net/gpt/ Frame A0F4 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 11:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131426
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Sep 2023 11:07:05 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
94168
expires
Fri, 29 Sep 2023 21:37:57 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
317
expires
Fri, 29 Sep 2023 21:37:57 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
17440
expires
Thu, 29 Sep 2022 22:37:57 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
0f4c8b81f1d4ae7ac1b75a73516050fced14535c5ced088078b27d7528ed08a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27763
x-xss-protection
0
server
sffe
etag
"1349 / 696 of 1000 / last-modified: 1664449484"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Sep 2022 21:37:56 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl_2022092601.js
securepubads.g.doubleclick.net/gpt/ Frame 9E31 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 11:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131426
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Sep 2023 11:07:05 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQ0ODc0NzYwODEsInBhY2tldElkIjoiMDAwMEE3MDEtNWYxNTlmZmEtYjkxMy00YzFiLTg1NjktODZkZDc0YTBlYzkxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhbi14aS1odW8tc2hhbi1kYW8teW91LXJlbi1ydS16aGktaGFpLXNoaS1odW8tc2hhbi15YW4tZmVuZy1ndWFuZy1xaS1saS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=3793.100000023842
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQ0ODc0NzYwODEsInBhY2tldElkIjoiMDAwMEE3MDEtNWYxNTlmZmEtYjkxMy00YzFiLTg1NjktODZkZDc0YTBlYzkxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhbi14aS1odW8tc2hhbi1kYW8teW91LXJlbi1ydS16aGktaGFpLXNoaS1odW8tc2hhbi15YW4tZmVuZy1ndWFuZy1xaS1saS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=3793.8000000715256
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ0ODc0NzYwODEsInBhY2tldElkIjoiMDAwMEE3MDEtNWYxNTlmZmEtYjkxMy00YzFiLTg1NjktODZkZDc0YTBlYzkxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhbi14aS1odW8tc2hhbi1kYW8teW91LXJlbi1ydS16aGktaGFpLXNoaS1odW8tc2hhbi15YW4tZmVuZy1ndWFuZy1xaS1saS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=3794.100000023842
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ0ODc0NzYwODYsInBhY2tldElkIjoiMDAwMEE3MDEtNWYxNTlmZmEtYjkxMy00YzFiLTg1NjktODZkZDc0YTBlYzkxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhbi14aS1odW8tc2hhbi1kYW8teW91LXJlbi1ydS16aGktaGFpLXNoaS1odW8tc2hhbi15YW4tZmVuZy1ndWFuZy1xaS1saS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=3798.100000023842
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ0ODc0NzYwODgsInBhY2tldElkIjoiMDAwMEE3MDEtNWYxNTlmZmEtYjkxMy00YzFiLTg1NjktODZkZDc0YTBlYzkxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhbi14aS1odW8tc2hhbi1kYW8teW91LXJlbi1ydS16aGktaGFpLXNoaS1odW8tc2hhbi15YW4tZmVuZy1ndWFuZy1xaS1saS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=3800.399999976158
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%BB%A3%E8%A5%BF%E7%81%AB%E5%B1%B1%E5%B3%B6%E9%81%8A%E4%BA%BA%E5%A6%82%E7%B9%94%20%E6%B5%B7%E8%9D%95%E7%81%AB%E5%B1%B1%E5%B2%A9%E9%A2%A8%E5%85%89%E7%B6%BA%E9%BA%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-haSPzcRDfeR9fc3DqNhFig&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5306198960720887&gjid=0.17459453908513844&_r=1&a=4719&z=0.2812065987854786&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8960 		603 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38571042042221827304&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3009&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=93004719&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&ga_hid=4719&dt=1664487475614&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&bdt=2222&dtd=484&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:56 GMT
expires
Thu, 29 Sep 2022 21:37:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&c=93004719&slotId=3&puid=1~1664487476214&met.a4a=ast.3325~ars_lvt.0~ars.3920&qqid=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F5D8 		379 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
f4cb89e2f249047e06c9281608753f7458af020c2c86b884f5dac4d005622eb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame F5D8 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F5D8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 805C 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ac4d9f8c068e2fab8850332cbda29999343839f495dc3065f2b137ff49799a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10621
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:56 GMT
expires
Thu, 29 Sep 2022 21:37:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 99A2 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
934167ca23b26b8898e0f2735c9b2e41657dc7f8376fadc258c87746b297c7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 99A2 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 99A2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C324 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
5e3f2bcd9990588f5cfa4771f22f8d2a89f417f490e7480ef100cda4f95932fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10620
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:57 GMT
expires
Thu, 29 Sep 2022 21:37:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022092601.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 11:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131426
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Sep 2023 11:07:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Thu, 29 Sep 2022 21:37:57 GMT
integrator.js
adservice.google.com.au/adsid/ Frame A0F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A0F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A0F4 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=722557236806694&correlator=2369635059932365&eid=31068458%2C31068501%2C31069634%2C31069839%2C31069924&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664487476684&lmt=1644386353&dlt=1664487475188&idt=1477&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=xermhjkth9kr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1591308692.1664487477&ga_sid=1664487477&ga_hid=1542017896&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
2058128279d74eb5fda6ce21db2ea4467373fe70f34cafa2cc42e13d4b8d6292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FBF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:57 GMT
expires
Fri, 29 Sep 2023 21:37:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&c=93004719&slotId=3&puid=2~1664487476714&met.a4a=ail.4425
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 9E31 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9E31 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9E31 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4340601197459910&correlator=691459568444470&eid=31068928%2C31069837&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664487476840&lmt=1644386353&dlt=1664487475199&idt=1633&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=n99m47wlydzf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=316420389.1664487477&ga_sid=1664487477&ga_hid=1519025295&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
22baebf9ee236c538f59eb4e6dac10aba76c6edd892bce543a8afd9960199e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BCF8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:57 GMT
expires
Fri, 29 Sep 2023 21:37:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame ACC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMmnfNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPEBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbq-ZX5SvAsokc0Dn9YLR-us0Xs0n_CVesgxQ8TrHqJeReIapKRcRoAGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=mlgdb4DiMu4&uach_m=[UACH]&cid=CAQSGwCsnQUx2FGmHQ0LuDxvE7JGbhnnMrWNHPJ9xhgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 29 Sep 2022 21:37:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 29 Sep 2022 21:37:57 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame ACC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6TEFNHxBqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQMxA2Y2BRCFgl8ogZ4Z5QABIAAA&wp=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
140664
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 6906 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f8826ee78746ed779b98dd9d258784fc4fe492ee7a11bd68a07129acf4e41f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=_wnnqC-uvTKkFYwGMEXIcJbfKQQZf8oGGW01kpkI2bJsVtrONBmevJPrVgLg0rPwwDawTSDoRJaU8Km1WFqt3tysubC9nU-qawIy3C8qxCKS9SShhS3daF5P171Yjm0QPHbslqk9vx7PV1LUv7GBFcEKt96VBj9nkfSKWfef_1rdtDsce-Afrq4e_UppwmOtS40uqUYVPJBB7wDm6MeBOEJTZ_6qEvVUDVPNmb4bRBJIEECUxl7m-1N9YLLQPXr7D05GIg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4478884
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame ACC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:48:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame ACC4 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 19:33:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACC4 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:37:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F29A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjqMMNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE9wFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dr-LOTxTO9l7KsCi04LJEvOEct5br9bCMbNFxp2fa1U1cKOSF60ugAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=QbMUbqzQCNU&uach_m=[UACH]&cid=CAQSGwCsnQUxcxZStLoazqhLfjlKR2gkb8ijZ3GOpRgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 29 Sep 2022 21:37:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F29A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6TEFNHxBqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQNBA2Y7deqbVSwTkh3sEwABIAAA&wp=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
152938
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame A1DE 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4c41da38a3c89ccef7763348498f4b16a85cd5e942213202c52114e5185b352f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=NtnKhS-uvTKkFYwGVSIl2Qw3lnkHaPtn_i4jM54O0bE23FB_Tb58NBfk1GWYm1zKt3p0gHgBg4b6iCEITiRXWf7bj0Qh2Itivtf8I-3G4pdEEASaESPNqC5v4Ebcr-uOBFRqOT3nxYt70uzffDdTt2k_GshFNFBfY6oiWVU6mVJ8S-XizG0IxyI4LoIqmvmJCTuCDnZuxRc1kZHFsEMg_lCHrgiszwfHqciVAztjRvGLi_5ZOQrnrKciI3ZikorI4keu7Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4203294
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F29A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:48:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F29A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 19:33:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F29A 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475789&bpp=12&bdt=1527&idt=803&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=1&ga_vid=867079241.1664487477&ga_sid=1664487477&ga_hid=1406749941&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2525&biw=1600&bih=1200&isw=336&ish=280&ifk=1056026149&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531705%2C44767166%2C31069720&oid=2&pvsid=3097226791351910&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.suox96yce1dh&btvi=1&fsb=1&dtd=818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:37:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A0F4 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
26f7f2c20742d63068b59c8f42d7cad213c27ab02c1641c73d03d580e649bb0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11295
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9E31 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
22f0fbacffde9c833cfede6746bac541a812e86565afe4e8557c48c6d1130e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11183
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 06 Oct 2022 21:37:57 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220929
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ae1d09e3e3ba08fbfd1ef4defffda3bec432f55b89ea7529276db3048f4d9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23798
x-jsd-version
1.0.1478
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4557-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-Al8/8R/c5/QIa7IyRz4MQPnxdmU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gd8O7Jc1KhiXhby%2FjL%2FbxejSrOPHYtIk8TFJqY6Udw7PSt5GFApf0KNcvD1%2BCAyo%2F9jNH8k5vlfWFZeWoHLs9UDrFrwBeUeNah03SRkba672lBPKWfZeUU6yNO6cA5fHXMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7527dcef99cd3778-MEL
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=82843629747
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.248.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-248-191.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a8c58ade1cbf551321e1fffbb24de8def0120d65801b8396e39b044239136715

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.248.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-248-191.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
73a645c098f0a0b001424560d5b87df68b5b97998ec91ed54f375f50a73a94da

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.248.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-248-191.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c09793c2f014918f9c4452ad67e812a10b17ec0c0231917b16930421adb891f9

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:59 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=be067748-1deb-4d33-ae29-6a94f7d5b69d%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=e2798a46-0b04-4b24-9894-977487fbaf0b%3B334104d9-32bb-4ad3-b6f9-717681b39c74%3Bc618ffad-ff9b-4886-8bd0-2636427b817e&l_pb_bid_id=6f5c0fc0ce3f09%3B7bbfc8a9835697%3B8cda5a50733e94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6238398787964954
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
53c3ed8a0c360ba1465ed43bf7d8cfd401a23d65ce20283a5a2ba3d733e3118a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:37:58 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bg3.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		584 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
10c007df5ff83f3f314238ca5399f563f2d97f25853fd8cc641a23796c38ba0e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
476
content-length
301
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.111.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-111-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
17
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.37.41 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-37-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 29 Sep 2022 21:37:58 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.199.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-199-37.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.124.31 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
31.124.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0155a5a3f05be5c150468a5130b4ed9aae34fe963c387bc50263614f659149ce

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 29 Sep 2022 21:37:58 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
adreq
ads.servenobid.com/ 		0
0
cygnus
htlb.casalemedia.com/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22471a40debbb6a74%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254aa700dd17f24c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2257acdf3437d4e19%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22586015e08e79467%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22be067748-1deb-4d33-ae29-6a94f7d5b69d%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da02e7041f6b6dc7aa4c956b6266341a2a9e13e1d1a0179eecc977049ceb38f8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCA1pca7n%2BL2uHmoCOAlHOiPxonM6wn55qwtdUqlbxx85rth4jQq5TGLKLTerc0jIyJ9Nf79rPD8lpVk%2BcwVKvkhF7dSKcoyLIxV9Zh9zBVmsw1GyV4mmxB75e%2BdcLgctHl30NhD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7527dcefeaf2df81-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22471a40debbb6a74%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2257acdf3437d4e19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22586015e08e79467%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22be067748-1deb-4d33-ae29-6a94f7d5b69d%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da02e7041f6b6dc7aa4c956b6266341a2a9e13e1d1a0179eecc977049ceb38f8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCE9PnWMECbzoLujGBXUXaUoOhiaFodinf4P1NB8eGDaUjZLE69c1hsv0Yetm7o3X0%2FY9RFTw9YZpFCjZyPoej5KDLcldrOyNm94BMUdO2YLuf0FGJeVAKqBNdMnCpD6wf8SLL%2Bw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7527dcefeaf7df81-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
adpushup-d.openx.net/w/1.0/ 		173 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=91972adc-f9f8-421a-a53d-b1b2ee80fc98%2C8d32745d-d157-4e5a-be28-eb0a06b1314a%2Cbd6d8802-3ad8-4460-a4eb-590df5da9b4e&nocache=1664487477502&pubcid=be067748-1deb-4d33-ae29-6a94f7d5b69d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
50acfcbf8e0b2866589b3603c2f28b3b86c974680d1fe007bed108e2f8205288

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=913a3b38-c831-43bc-828b-6cab7a32371d&nocache=1664487477502&pubcid=be067748-1deb-4d33-ae29-6a94f7d5b69d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=585aedda-ff59-4e7a-baab-a19863fbadd0&nocache=1664487477503&pubcid=be067748-1deb-4d33-ae29-6a94f7d5b69d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e5a65f46-730f-4d93-8637-9f8abbdc4066&nocache=1664487477503&pubcid=be067748-1deb-4d33-ae29-6a94f7d5b69d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44ac02ea07c96f24633262e18f47593e30f22442377f4a8bee84adf02e01b4ae

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
279
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		32 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9cc157bffd0b09af9bb7da04660e3334e5c2d85be27d2296605a73d10e983cc4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 29 Sep 2022 21:37:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.17; 103.209.254.17; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2e5f477b-cc10-4e7c-a7d8-8724b83e9c25
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A1DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:57 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A1DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A1DE 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 24 Sep 2023 21:37:57 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A1DE 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 24 Sep 2023 21:37:58 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame A1DE 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=24m7qlW8Y_hLnft_r9WpQ1geKbsGQZyR8oZBNl8RI7_2ECvDlBHo_MqFu3ZwELJstkPDjn3XlA9RbWm60ZHtdgPd18O6sCUrQEO5DIkqskDy_rhUVAlS-j9ytyd6pAZzHB5od-0BZu6c5VxPNlK3vSaBSsrQvfYXRGk--QgSlOElNyQ5UJfQXfb3OjRdlJdPzVc7XksRujJkmC8ieQwnjN_Nyvf4SNaHoItV8M7XOQulqFcLjbOPJ7wyyyenHk34MKtrP-a0BbO8o9Uj1Wy0CCPUYTkjq4HskBqWLl4qhzSMycKbMQNZIXj0Hp0B8xKvKS-LQhhBLPc73KC7OS4F9-GfTgJT6m9d1wTLBAEFGDlZnHcLma_sUt9-XMaH-vgZbpO2yQb6T2orcdwMExWUV0BHZ22I4Q0bTwCx7PJZYVs3hs6J0RIrFeoL5EnVDOqVEAhJ-g
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1760547
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame ACC4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e2fee741a72d1c636e3173caf6e2ef9b219353fef464f2e6346da79e0612ff6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F29A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6579a6c375c7e47cbc073b0a913cf48704c9ee8d5219c1ac6121ce59bb4dee84

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/ Frame 6C24 		63 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:57 GMT
etag
W/"632bead1-fd81"
expires
Sun, 24 Sep 2023 21:37:57 GMT
last-modified
Thu, 22 Sep 2022 04:55:45 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
visit.jpg
tps.doubleverify.com/ Frame A1DE 		0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192152&sid=3129&plc=6788205&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0;
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:37:59 GMT
Cache-Control
max-age=0
Expires
09/28/2022 21:37:59
all
csm.as.criteo.net/ Frame A1DE 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=NtnKhS-uvTKkFYwGVSIl2Qw3lnkHaPtn_i4jM54O0bE23FB_Tb58NBfk1GWYm1zKt3p0gHgBg4b6iCEITiRXWf7bj0Qh2Itivtf8I-3G4pdEEASaESPNqC5v4Ebcr-uOBFRqOT3nxYt70uzffDdTt2k_GshFNFBfY6oiWVU6mVJ8S-XizG0IxyI4LoIqmvmJCTuCDnZuxRc1kZHFsEMg_lCHrgiszwfHqciVAztjRvGLi_5ZOQrnrKciI3ZikorI4keu7Q&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A1DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A1DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:57 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6906 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:57 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6906 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6906 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 24 Sep 2023 21:37:57 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6906 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 24 Sep 2023 21:37:58 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 6906 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Rcrp2lW8Y_hLnft_r9WpQ1geKbtAEsJP8p-wR6wfKTjwCvOsQB8SxdNHPphJCc4Iovi4GXlFVF3O3blmuhoqG_CWFg2MGFgdvVJtbrNKAYggWFsq6_nVXCo_VCwCF9Di3ED0MmZPgKDR-SO9ncCCsixj2fe6cZSiWq6vz4Dne3sTrZwdvalkvj8Kt08K-x-t7khqKFODKNpOufYBbEaLGwFsZqz8DeiikP8qdmcfC-LTApiOUBV9JarYaD1ZUQQV662nKQ4vqnrPW9tabmS1qrk3epXjjQkCcd_j8Dj2oFnvcIfEi1X9Ym1zcmFFiFqjecXjKrrgatXGlwmQaAk12xS0LHCLUkCUI8w46ljyXUU0Nbdqvu7FkYs5r7GdCuIBoTi2gfMFrEMgpl_O1VrkSSWlm44iVcyQm02hMA89CdvKu5ceIS6lacwHE-dxfN8GQ0KpkA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2263742
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame 6906 		0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192152&sid=3129&plc=6788219&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0;
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:37:59 GMT
Cache-Control
max-age=0
Expires
09/28/2022 21:37:59
index.html
static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/ Frame 0ED4 		63 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:57 GMT
etag
W/"632beaef-fd81"
expires
Sun, 24 Sep 2023 21:37:57 GMT
last-modified
Thu, 22 Sep 2022 04:56:15 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
all
csm.as.criteo.net/ Frame 6906 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=_wnnqC-uvTKkFYwGMEXIcJbfKQQZf8oGGW01kpkI2bJsVtrONBmevJPrVgLg0rPwwDawTSDoRJaU8Km1WFqt3tysubC9nU-qawIy3C8qxCKS9SShhS3daF5P171Yjm0QPHbslqk9vx7PV1LUv7GBFcEKt96VBj9nkfSKWfef_1rdtDsce-Afrq4e_UppwmOtS40uqUYVPJBB7wDm6MeBOEJTZ_6qEvVUDVPNmb4bRBJIEECUxl7m-1N9YLLQPXr7D05GIg&sds=2&rev=82987&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 21:37:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6906 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6906 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Sep 2023 21:37:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A0F4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:37:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9E31 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:37:58 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-78.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:59:58 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2281
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
xPWrIFO-rObQgAj6a7DgRyt3WydQL7Ocb0qrd7EukNfBiIqWmQ5yCA==
Enabler.js
s0.2mdn.net/ads/studio/ Frame 0ED4 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Sep 2022 21:45:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2292 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
141824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D601 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
GSE /
Resource Hash
aed462cd4e2607331627efa7f5597626f899356a0a05a92443298b9261840db5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EzOrBXT5V2GUVgTfTq4qqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-EzOrBXT5V2GUVgTfTq4qqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:58 GMT
expires
Thu, 29 Sep 2022 21:37:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAEF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
141824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED93 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
GSE /
Resource Hash
40acc9836ba9fb798b624b3be19ea27058477bad94a91ccd8b60bd2bc95cdf10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LcrKXEOFR-rsvF8rC5Dxag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-LcrKXEOFR-rsvF8rC5Dxag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:37:58 GMT
expires
Thu, 29 Sep 2022 21:37:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Enabler.js
s0.2mdn.net/ads/studio/ Frame 6C24 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Sep 2022 21:45:03 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 2292 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame FAEF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIxODg3OTRfMTY2NDQ4NzQ3ODUyOSIsInVzZXJJZCI6IjU2MDQyNl8xNjY0NDg3NDc4NTI5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODYzOTk5XzE2NjQ0ODc0Nzg1MjkiLCJwYWdlUGF0aCI6IiUyRmElMkZ5YW4teGktaHVvLXNoYW4tZGFvLXlvdS1yZW4tcnUtemhpLWhhaS1zaGktaHVvLXNoYW4teWFuLWZlbmctZ3VhbmctcWktbGkuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZ5YW4teGktaHVvLXNoYW4tZGFvLXlvdS1yZW4tcnUtemhpLWhhaS1zaGktaHVvLXNoYW4teWFuLWZlbmctZ3VhbmctcWktbGkuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjQ0ODc0Nzg1Mjl9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
server
nginx/1.14.0 (Ubuntu)
L2EveWFuLXhpLWh1by1zaGFuLWRhby15b3UtcmVuLXJ1LXpoaS1oYWktc2hpLWh1by1zaGFuLXlhbi1mZW5nLWd1YW5nLXFpLWxpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveWFuLXhpLWh1by1zaGFuLWRhby15b3UtcmVuLXJ1LXpoaS1oYWktc2hpLWh1by1zaGFuLXlhbi1mZW5nLWd1YW5nLXFpLWxpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Thu, 29 Sep 2022 21:37:58 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=214
content-length
555
expires
Thu, 29 Sep 2022 22:37:58 GMT
pixel
pxl.qccerttest.com/ 		35 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1889317555;fpan=1;fpa=P0-342885189-1664487478606;pbc=be067748-1deb-4d33-ae29-6a94f7d5b69d;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1664487478605;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-58.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 10:38:02 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P1
age
39598
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
ydRis5AuZ_foIFl8lT74lw5sgceGFppMEkLJerrSwh3DeSoDnwL0BA==
pixel;r=1144893249;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1144893249;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-342885189-1664487478606;pbc=be067748-1deb-4d33-ae29-6a94f7d5b69d;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1664487478608;tzo=0;ogl=;ses=6bd302c0-9766-4329-895d-c09d7af08098
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2292 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KUOiYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame ACC4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoLCqVBgldm65yxhzrtXRPGTb1fIskDLjxrEC8ao4kFtgd_Kl_jq4esKku2O7psjQujKnEJIxjRklW_PKJpIaalTwa&sig=Cg0ArKJSzMgcrmSpRjhlEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664487476920&rpt=801&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:37:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 6906 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=_wnnqC-uvTKkFYwGMEXIcJbfKQQZf8oGGW01kpkI2bJsVtrONBmevJPrVgLg0rPwwDawTSDoRJaU8Km1WFqt3tysubC9nU-qawIy3C8qxCKS9SShhS3daF5P171Yjm0QPHbslqk9vx7PV1LUv7GBFcEKt96VBj9nkfSKWfef_1rdtDsce-Afrq4e_UppwmOtS40uqUYVPJBB7wDm6MeBOEJTZ_6qEvVUDVPNmb4bRBJIEECUxl7m-1N9YLLQPXr7D05GIg&sds=2&rev=82987&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 21:37:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
generate_204
tpc.googlesyndication.com/ Frame FAEF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6HxQYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D601 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=722557236806694&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ED93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=4340601197459910&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
p1.jpg
static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/ Frame 0ED4 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/p1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAHujkJnUGrAA1FtDmcKoauJfFUgTvWPQ&u=%7CMyM%2Bv3gr69gDDWGYiMI%2F0wq8pTh2I6bQvOkB7%2BZMUxc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVbJvRYYTML1Z8msTwjHGHvux1EUAmnqwA-Po4jnNM8Ti_Ya7n7ybCcWHvbTNyez3qlJaeU4dIdzwrwLgxiTpfG__PhfdyEuAihNgVhJt_1tn20DK7JyG9cyNVk2giSKyk2OC_KT3g6-dk9tSzQRpEFS9c97xsxVhLs7-zYAVMdOrH8ZdKhDIzvI9mWShNuh7upXDR9zw8O098F2qQ-mImFD5VAs_Q25xBtXdnphlBtIZ694-R1dL5n0CLFQ8_D8wPtPdyEqB7opsoRY-69k3gCyHluCCLP8FLFO9_G4B7qQeyoX1mbL4fKmbjMOx3DYd3LBM4zyf4dxlU3ydbLWTMim8MzJ9sI3KkTF3HsF99fgvZjKsW1NLFy0J9U16KxJnKUJpUvYP8W1MwBjY4HHj2Oh1nGIZEBDMHwiueGlc6nHUjXTxUD3yqixytwyrQJ4J9t5hlaZXuH-wRBM64lpTEVZlWgVr3Ev-yt3Q9TDmLqueBSlLQdQor9CCJKGsgFK7XyH-Wy45Dx_mCgQJv0ag1iuWCYSuXbtZCw0fOKdqmu8Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1u4iNBA2Y7n0HquD9fwPtIu12AuY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCAL_Q7d68pT6oAwGqBPQBT9CPDJZGECNBWGdzeC0sIpFsttF-uHADNdlS28Cm5ldOM0D_PUM5sAeQkhb4PzxoyaK8VQYxf9dK8VO5fP0Pq62PdrXzO_SjNF0ttPtTJYbypttKNNur9-Jx4LuFtbLapALV3hcNOKN1ANNe_6QiD4qc1dHOw3OuoxkM2DKgryB6iBPKthrGGAGtqESEmFQoAPEgpYp8-TDYI4a-UDraRZKUcyYssFgYvgb9IPvF_3AS4Ua17SIxA5pfBEcOhqGnUuFDO9Fu5mHxKbr8Z1_AWcWh7zKK7kjgEXFv-G8-CPq7YiC5sJJx1xxAafr9TzUiuSwkj4AGyfzrv6LC6OycAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3TNmRsxEHQq0Ugue_hQObtFh5BqA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2fdcc086c66d6d46161cc9e2566e3f5d9e33e2abb9c07126383d50931b4751fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/yoga/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Sep 2022 04:56:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632beaef-14222"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
82466
expires
Sun, 24 Sep 2023 21:37:59 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d7d7e9938d26a27c9f40902bbcbae7060bd05296736a878c9287ca2b0c64eb94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75344
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Sep 2022 21:37:59 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS95YW4teGktaHVvLXNoYW4tZGFvLXlvdS1yZW4tcnUtemhpLWhhaS1zaGktaHVvLXNoYW4teWFuLWZlbmctZ3VhbmctcWktbGkuaHRtbCIsInRpbWUiOjE2NjQ0ODc0NzkwMzR9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:58 GMT
server
nginx/1.14.0 (Ubuntu)
p1.jpg
static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/ Frame 6C24 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/p1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzYQNAAKx7cKj-FDAAzKyis9xDe_Q_BGA1poeg&u=%7CMyM%2Bv3gr69jbPOmEXjg0Ma556A0OEpcwRrYVh5Y%2FN7k%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ps6R1YfkeQVZTGT18SIMDUrRYh8cY6w9BUz-zFikmfkD697ab8dz-hmrgHONRFhNPAncs98J3sh8paAOClwQia2XV7XRiUifgoqe6c25kWhbtotuzkBTB2qa5AMFqUROTzwPDsObSXx5s7PuOTWnX3lb85bqz0I3HvCMdyrZptTt5_U2iiyhmkwF4EFHsn4RBn7f3QaYz8Z1FG1GxxPgAjclJlxVGOEinAD28ZmHDwJ18Zk3dPiwbQM8mr2UjBnbqKioTT3h3vCA8PtdCSoQRP7ljQqrH7n-wya6_Q_Qs1Wr8xFFoT4Pjx3rKj2aOKjafNUjDqfEm2w6nlpSvEJ21d-TIEQ0IlVhJykQbt5fvntugsjyGQNt6USFYJpGQGrksJ-4RBbkP4FNkebBtr3b_v46u2LlfyOZ51EGrCBP6iDqlS5a5LDg2NcE4g5YNr3vJt9ZHB-0UzWB3A6pSMUMggXGE4_k81AFC8W8NtQ_5VR1pcnGqGXdz8FCP-MTK1idEJZcxtOOCNqxgpytEcIGKgCt3sXKQ5OlylOF75n7gMnc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngFeNBA2Y7ePK8PCvwTKlbPICJj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQIAv9Dt3rylPqgDAaoE-gFP0OB8t5kI1UCwZ18Lo0dypN9cNtGMI1ygqqEqfoy7ldL8ynRdZyZwRQDb4BYfrwtLb0zapP-l7p5lcaVmhbB03AJaU7xrjEbbkKmLpJS7sW3dGg2aSXeZOPmmzVC-f6Vw3xP1Bhm9mBtxcPpRbtSijwrmelawbZbIrzBxBi7U1MR3lRIj3EJ768K-nSqFt291E_-CADAU8wdKyAfZGeHbSGN8W3pd8xp5izm7qXrasbfVt7gpn7oRJUuL07GLjR8bQp14ArlCiEEOdfpYsAk2Dv2JGK629VAF1UnTTWmfiDCtZtTMpfja2Tu2kAdW1UsZaER5htPRR7R8gAbJ_Ou_osLo7JwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3t3PdKxxyfyTY91H8RPxyp8WravA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/95385/20220922_fy22q4_cpro_creativeclimbers/sushicat/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Sep 2022 04:55:45 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632bead1-d4a7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54439
expires
Sun, 24 Sep 2023 21:37:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A0F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=722557236806694&bg=!_v2l_bnNAAYIxsuQKMY7ACkAdvg8WoY_eBB-HMlSGD2xJUz0CM3WN7_ZC6DwQXZ0NTwn-Oog4Fs2XQIAAACBUgAAAAJoAQeZAr5XUH1suFkbJ0y3JxhbxKPrYRs0pLdTnx9EbsBeBjQ0x8AQgHLk3jyEOXQLsL0sKOgoLZWjIcQNv7vSL7Chn6tZRZFyE0L024VCXOdJYRlgaf2l-VxYX5PjlAc2VhsdL3yaarcRawCj6lQpKJU06zVG_9JGhqO-ea-3fBgbSNFDWFoBv-bw1V7QXXzQ6-ZT0_Z0mo2DN8pev1wxAXolXh3J6XU0yQGcCbTviWbthX-lTlRU1rJjTwHn3ZJNBvsAWDmg_b7IdiVKf1wZVQfEmhz2p6_fhKekxiGQLKElLPQOe8YbMHmwyzer6bgOtp9yL299Knw9qZVnt6Uu8DE6Mjsq4m5_ZQh2ZlVhFPfbWFl82oWznK4pVZHt4JUglMeHjEzEF3JyN7qajQkTnbLH9QWE3zCTKGzvkwH_4yX2SohNgqw_juvlza0fuzF9VsACpkJVEd2nXeuQTkzNjrDq9wVoiLeozPUm6AtLWBMEtiYoAeRuGx-DmZsFE_jzc63n2p5UpVRbd-rf90dGV8y9dnDQmAtdQwsTDltk33PwipSk9nQKnIg8s1DKYrt_1mWcVzzvruN0GuIIy24qZeHBG0AQg1FhFUyK_DBDJZOe-mtFogJTmT9CDpQZmcwUNfes5DmBRlon5sv7jZiygPXTWIb0rIfq9b5nBwsKSw7IbTHym7R7vLLWJ6l_NA8sng3fZUAF_6WTolUN70fPhWEN3CyZysFjoX6Xwbm_qqzAYCmBuZMFByPzM7sAbrnB0UcbLyK5Q9uhORiNVSTBDtRzou3YKdgQvMwZASyHQioVdd1JxxRotCodfrOyDAwFdaQj1d50CF8gb4pwu-3SBi8h_E7uoLaKegrjIfwzN3SBzMmWEA3u0ZxiHQIvkowt08_2sOolMu5cVhyp90M4HTTc1X0fj5TdFC9ggRYTaDWdTJE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=4340601197459910&bg=!WlmlWR3NAAYIxsuQKMY7ACkAdvg8WuOBO8CWYSt6MX9FBjw7FlEl_-6BieXpCNQD2Ds97R0HjDKAzQIAAACEUgAAAAFoAQeZArlGqJOE-NrHn43TyZLqYMoKmrvuXi0zGi5_zZslWGV1eJ0n_apZ9NGK2slDUuLKXVIUTP0J3y7Vr8nCIf0HF8Dzj0NAbaF9UfauZc8vLvpveB40ANsrI9_QZPwdQa5qt2_nH5GE6qT3LuKV67s1f6QSfr0lmK-Tr1ygchhjUJY0mkL7PiOhZWVfrGHFb6wkaq05Lb9camvSi3InPOXh01PzDcVkd3ES6rYklBmAmAS2HIkgTC2iq9JWSOujw2fXShnvL-D1kPbmTkNtwUy4O1X_CLDVzVIGT_hGCqHNOUNhO8MF7zJQpphBJOYnw8gpI1ZdPmV_oa0SsGEwFhsY9fiYOFQLogXcSOJiOoAYJHl3EogiD_eXJLlBDXjHmFldCqXXhxmJR05R6jLEzkktncSbR71fYLD1XV8nvwdRrDpTgWI9KnKTXQ1gn3-cHVsxpULhxGVhL5NdRTMkCRta5Z4z-4RQdDF9sYTR6inrvJ5zS8oovYCY51gl_ILCCNW6RNnezXygli3dqPl9xAlg82eqzDfKPG5Cs4k8gNPIWpQtF2opBdTLhbM7ufVV78d6VoQtDUhkt80_crP4taXKfX1VMmC0tk3vQ3--sBahVdBlNuK-2H9d365jIdi2QyxaKZsVwBJIiv6AiweflayBi_bupuA_EXvp_W-ZdLZxp10q6g-OrDgZIVgHJbPdPg_lhcbTdLDHHNDfBybFpwBbncr3797wcRL3IxTyq7MzFx1StKQXOyAWOctXcS0qt1gKDwuY00OpbCo2fOp7Tc1iWZfSglle88aOUWBwTvWrFgA2u0xxhYh48L5ilX_64MNtM9COjvqeeVKwg9CkBZn7zXrU7l-pAOr7vgfDJZjGD7Xrk2QJoysuUJERdyR65gKmamnVR-KJiSngqD3PI3ws74EYEAdDDDQ3zo09
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9s0&_p=4719&cid=418387068.1664487480&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664487479&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&dt=%E5%BB%A3%E8%A5%BF%E7%81%AB%E5%B1%B1%E5%B3%B6%E9%81%8A%E4%BA%BA%E5%A6%82%E7%B9%94%20%E6%B5%B7%E8%9D%95%E7%81%AB%E5%B1%B1%E5%B2%A9%E9%A2%A8%E5%85%89%E7%B6%BA%E9%BA%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 99A2 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
067d20fac4083b7d51e6f4313eec1c579cba7959c0465c58d1ebb86409fa4b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11134
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F5D8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9fb6a34b437449b9e1f9bb8f4ac7126ef62c741d5be12286334fe173d2f7d023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11214
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%BB%A3%E8%A5%BF%E7%81%AB%E5%B1%B1%E5%B3%B6%E9%81%8A%E4%BA%BA%E5%A6%82%E7%B9%94%20%E6%B5%B7%E8%9D%95%E7%81%AB%E5%B1%B1%E5%B2%A9%E9%A2%A8%E5%85%89%E7%B6%BA%E9%BA%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-haSPzcRDfeR9fc3DqNhFig&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=7621&dns=6&tcp=404&rrt=0&srt=690&pdt=1&clt=1142&dit=1142&a=4719&z=0.6181735941494806&gtm=2pu000&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 08:15:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48128
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 99A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:38:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F5D8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:38:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3E4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
141826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 08FE 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
GSE /
Resource Hash
40ab1e1b441b16936d593640005e472948a6f4170527c02708ba56d5222932db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OiH2T1qoRMoOstS8PWvmlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-OiH2T1qoRMoOstS8PWvmlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
expires
Thu, 29 Sep 2022 21:38:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28D6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
141826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 781E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
GSE /
Resource Hash
29218b7d804201ebe3b309b401a6ef23c562909a0f59e9af333d6781ab694d8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qQ_TIppnSIAEh4c4KTZUew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qQ_TIppnSIAEh4c4KTZUew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
expires
Thu, 29 Sep 2022 21:38:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame D3E4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=731933168054561&correlator=4152096545422738&eid=31068929%2C31069923%2C44761478&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D7456150894ef812%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D759a2aaa834893e%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D58708309ca693b57-2263e41dbbd6004b%3AT%3D1664487476%3ART%3D1664487476%3AS%3DALNI_MYTCgTbXMwVsUvSO3p4N1HBCocCdQ&gpic=UID%3D00000a106f5f41b5%3AT%3D1664487476%3ART%3D1664487476%3AS%3DALNI_MZOH6cxvAt9qK8o2LZduiniH65o6g&arp=1&abxe=1&dt=1664487480494&lmt=1664487480&dlt=1664487473392&idt=3597&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=418387068.1664487480&ga_sid=1664487480&ga_hid=4719&ga_fc=true&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
acb00756558449eb036c4ffa99c52e7230c4d2e7655c9946dc6595b84cea4f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26213
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
d745a428bd193d2b28edd4fa5b52a35e209df48780a4dc9d020d28b88712822b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10992
x-xss-protection
0
container.html
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
expires
Fri, 29 Sep 2023 21:38:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Sep 2022 21:38:00 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 28D6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:38:00 GMT
syncframe
gum.criteo.com/ Frame 679E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
server
Kestrel
server-processing-duration-in-ticks
965709
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Sep 2022 21:38:01 GMT
generate_204
tpc.googlesyndication.com/ Frame D3E4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4r_3Aw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 08FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=3097226791351910&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 781E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=2874003683732458&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 28D6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NQDjzg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9452 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
141826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ABE9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
GSE /
Resource Hash
2adb24e71fe40bf6c217e3e30ea7d4969dc89d99096b6ea556ed83c849c721f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PNFotZR3WAdOsqMQZ3vzoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-PNFotZR3WAdOsqMQZ3vzoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
expires
Thu, 29 Sep 2022 21:38:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame ABE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=731933168054561&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA4E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
expires
Fri, 29 Sep 2023 21:38:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B07 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:00 GMT
expires
Fri, 29 Sep 2023 21:38:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 71D8 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 04:09:13 GMT
age
235728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
etag
"b9e6b1d3ca7cc68d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 04:09:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 71D8 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 04:09:11 GMT
age
235730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"dcaf3864e0ab6b08"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 04:09:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 71D8 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 04:09:11 GMT
age
235730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"95b4b320f7966d1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 04:09:11 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 71D8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 04:09:11 GMT
age
235730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
etag
"5561dff7c028bd87"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 04:09:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 71D8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Sep 2022 04:09:11 GMT
age
235730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
etag
"00747b471d2f1a24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 04:09:11 GMT
truncated
/ Frame 71D8 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2cdaa1d7602f9c3d804b0f8e461f4b035dcae48b9a4e6f5e8d0ebdfa7bdcc33

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
8261573141823900187
tpc.googlesyndication.com/simgad/ Frame 71D8 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8261573141823900187?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnYkYjs9WpKWlNhWJqIxXyiHdJrnw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
8187754c0fe154f71b1505675239ee1928b0cd65159205abbe1fae052ca3b4d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 13:24:13 GMT
x-content-type-options
nosniff
age
116028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56013
x-xss-protection
0
last-modified
Sat, 17 Sep 2022 15:05:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Sep 2023 13:24:13 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 71D8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 05:44:56 GMT
x-content-type-options
nosniff
server
cafe
age
57185
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Fri, 30 Sep 2022 05:44:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 71D8 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 06:16:51 GMT
x-content-type-options
nosniff
server
cafe
age
55270
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 30 Sep 2022 06:16:51 GMT
l
www.google.com/ads/measurement/ Frame 71D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpqQg7ktOgcdKl1mWIGezKKZ6oxzHPCCSclskadNwYv3iBWys7CMJj9F_ada3VlSJarLhy94hs-HDcbXYwxiY2QuFlKQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 71D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc2ZcOBA2Y4b0JvuPmsMPmo2a0Aj35NDAbMDHopDnEPH7qISQMxABILqEwDNgpcCjgKQBoAGtiO_1KMgBAuACAKgDAcgDCKoEtQJP0C-wd5Or1xHc2hBjX8I9eqwh8PnUVAGkAoGdMS-VKF2RdWtFWaqpH1Y2JR4B8rmuGwb9e7nY7nWamkgrNAJqgCqLbTTjS4bl89fmCe_Qsybt8cmOe8Y34gISWLPFIuZhR07i5OWYxGA4Qo2nuI3jLymo5i9l54oC6vRW-9hoiSLhnJhI9bTZJlHF5QPkBbuNTgHrUCfsoP8W0Dp5HviN2xzg-DcpDFduTSzUunr42Fx9Ub8SR5Sf8dhyvp9QMri2rLPmn-7RIPg-6POaHuRyvDgTLiiWlfA2FKlU9kcdJOmcBqh3HeOFddu0dn9sW21uuRgfJVOj-g3aEmH1hcnv10ZV4vCAaXp2lvWyd9bu-jvETCbW0X9kP1V2Qip5aE4lobN7NXp8F5gm9UxWfwQCUO2jW2TABMXDw9uIBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAetwL_VA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMqyAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=A0im0__00OM&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 9452 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
json
gum.criteo.com/sid/ Frame 679E 		422 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2ee5b74078697198e58a8983bea3486978bbb61ff42185acf5ad21dcdfba637b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1725914
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 99A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=3097226791351910&bg=!3N-l35vNAAYIxsuQKMY7ACkAdvg8Wh12AS8-bffKrNBM6E9XDx797Gur4-AXKTwAN770ikFZ7ZjniQIAAACoUgAAAAJoAQcKAC_80q_ARyliTCUYv0bp0OPchfa8fFrIxYeKamgru-Gu8IqV-ERHn7LIpWx8LCM1tZkCuoc2dm6t_sNzxEAZsM8YROdMUueRtrvPX5kiZH609d9xiJrs90Gslrh7U3fwjEq34J0SgUIz84laxViG1Ck9Wlt1nJXlYqT0JExqx7FgMWYRu7rT2UBsMnq5KhLBdiy6ziiU-CdAU2N7dMKtctwlUb4mU8BJ2HrAYP2XogRYc9R-S6BuztBYNVKSvoxxYzJTMu5BRQc63vrZP8PQSx3Gh4HOQpdLhd-JhGov5KdbJ4yquI03TfVa00WA6nPq8_8TT24HGinKj_Sk5wB_j5WRGRJxgqC5tzmpWVt9AYFnWsG2QdEd3vCZF8dOe1WcoKZEe9OYkQt-Z19vWoeqgR8GjHXjlddh3QPIHj85yQvsHtQ2uJLWdghDrrkiaRpOziM5pPFKGLUIFFGFeYHgzz_028xQcCKKW9c9_ZD6z6T5NgwRBQMcb9rOs0iJ2bAoMUp34PFawO0VuXnusqT0qkQf8pXniAZc7ey-c0cfIayqyiollWOj2Ay9_6SEH3H5XMe65d_aV0arKZ2F8iqUw13CGyLal9tEBZyKO6-p_8x3_ZYFgWqkbmSddNmw6HSa4Aca9ZfQVt2KMYtxWcdu80PrnoBpn7bE3eImM9ac8h9lcJLIvQbUorHRC7G_3Y5pl7fKPgc8yzWd5F46-QzgiUB6Yv7oorXFqNwdvJ1pdpe6htB63jPo8gnaxigiA6ncTgZo0wyyhkBdJgWbb2nP17tUYC4rME0h8gefeqKVNWgQT3ssZlMT8r-JsY_wcxpxp1fzBBiYr-5CyXel15GCusnRCsfeBuatE7XE8tnx0hi-j5l2L4r4WeppRu6MP1huA-9KrIYcCdSkUx-ZxdRkJf08VEdrNKVUlZ1CqBRDAXQhFsJtyyNjjta7FCFqjYPSHwTD9fIl_nkH0xlbFto_872ZHpm9LFeZJzxJGwCx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F5D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=2874003683732458&bg=!MDOlM3fNAAYIxsuQKMY7ACkAdvg8WvnYgc-JPL6wAertw3s9qnEQ-xYHeBCT7Iq0gXSWrziZKci8dgIAAACGUgAAAAJoAQcKAKio2Zy3nDuRdHURvu1zgfCdNuX92GbeGU-jfCnXcxbD83eAqFRLfB-rxuIBWwccBRUXae293F3yt7NHOxnTWH6MeUnZk7UU94vKNW56TxyW6W46o559nZRQHMTbb00qVMYadaWZRMxmAmkl1lTJtO2dx78bA4JK8p61KoLSgfyTGF4dx-n-rfnG83CpyCv9NZmsw85SdBNAAqnf67xc7l44xgQ2tRigCkuZAq3ZYxOcixlY6CRwgnz5xtvy0A5Z5vU2EOsxrP3F2BPm-KUPU5bO29YiNgJnjuZYUUBdA9ioW4PG3Ep4N0ouZo9S4yimYUISn4sJrG6mA4p0y739k3xRLG_VsrVok_0MIIr-qTnGdFa2Sc3fpc1Ga5nNuqUCJSB9NWBmJD7erZtTi8T_H34jUTwgMOSHT-x1pwti6xoBOZ_mjcm2cSvrJZfBL7yLB0e5adUkbA6nrHH01iL2Ehr-zNgoaS1mBgVm6F76JGLgi7FEEMzU-RT4mX7krrQAext_WtER3KH_cLyDFU1FRtSyK-VvYmHJShUYRtp3EIWFYM9ZY0SppQ7IR24xdVqlnNzDvunm86tQAXkO7RulLZoXNIN11gCI0yREMai4nsMzVzRLblx0D8m4AgKthgFb1cR39k0Yuke3huwicj1kBW0F75i_j1FXr2iFC4RDjx8h2G0E9Ewt3c0NA8uOnmqrA36KgcvfZCuaN5KyjPU68engw5nGWRhkUZgF3jsNkwmGIaTw5_lf0hFRSLiV6GILx5vzmot8p_F5WIupNY6VztnRDPfSzLsGF75sr6UA9EhTuNpws7uLvN4DUpn7nAo9DPj7hQmDbSrco1L1aCXUWM6CnJkLJ1IosHTAfR3R2JNehbYRMPc391QAGx40QLLnD2w0UFuqr6bImhXaurN0W-M78yleVX3Xsiz4TuF1_RCZ2IJKvKQdc11RNpxo5yid9HVOHGFqUeoGX7QYHwFawjJ2GVs2xd0RU3R2SZkhe6tS_WrP_CphrXGy45SnNoVeBSVZ0cxOADj2TMz5EkXwW7x_L3alLcwtxAWfAwoV9U5uTNMcxczhMZ4u5TtfPvwvyT4bR2o-cocjJB35_MAKYtjFRRXG5q8Ud9PC6qSM1TwzyeaxxG_uEtJO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9452 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ROfmeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C295 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaQFRDwq4vjAhjmgenTATAB&v=APEucNUU3bcifqyDS1ARSe4N29jLNNxolADguWN2BAo1mnuSZoOjFpCIFzaHKdDdSxreGjfWFs5Hp7NSki-nSqdLudSLu_MVVA
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CA4E 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX5atSglcAjEkWY-2xzXMZPkWzMrYJmRXmAPzQEcMXm8HyKu2izx33Hbvc--J9lJuxLkPjXdpJH3lpbgRu1I1NdL2_TbhyAnwG0eortuXJjKmXmG6xGDbjTKrAcKb5L10vxlty_RYYzw1MeHvfSTVhoySj2VDGqAo55GSihRYwL6J-U-zdta24OaHSZ9pkbqWMUjaa&cry=1&dbm_d=AKAmf-BJ12ObrQ8-QjWjlmUdKTh9ZdUP3GbBCpkUUNT525pH2rTp7urzOadt0xvlWZ7xuJwgq6zSFvr2XfYJrAcORSPPdp1o3ParYvHNA0xnImyAsZh06W4xdUDyTzH1k2eVYkWS9_M-8_CutNN32d29uPI-cF9ZAhA_ex_D3kM4GO5Sajl-5x0GVqHEreuYYY4oe_YN2JFU7TmJAdqlRvIAnDSzH5vgBFHnFhPGN-OKLnRsR0QxUwd3gJizvJhKK5iKnAiLSEWIJO2utg-2X-PRt4YOudBZedm7tV2r94M7JONu2mv9Cc8I5kGvU0wf0EpjddEovizKzyR60oDR-lwY7qzMT_MsngG5M3GWWAzEScVwFT8b77YLJ0Bda0adD2o_-apUdUrWd2p-vFWkpaz_sUcoTjbWHrMfYInYYwZBXSAibxiiC2bjTskspc76PZeQKyqSH7nZgavh7udPCiUyalT-a0fKeVljY7VWwch7zAVCjoL77bOlTZJjJTUFbzsM9YuAqS9S8a5jbqrSMuxLC2g6vRvwVBErIsO3Q8K2kpUOMbdubagmnB2UccXSkvtMEhRHhvmN_udMwkm_k9w9UNucSyVlYMdRci51fZWMdgDrXskvvwfAaY0ftDgPUfvNNDkW2x3QjbQU5lR8MWJ4sFo_TnVGWxLG77xc2qGGcV-acWCYccyWeTCFUrrE_Q-N3VFooxYjAJXwQW9_McAnh5KqrttIngtdAOEH3JtG-h-K7wxrbCU-dZObS5QOdLQTt_1dbFjwdesnapht9njH0BW084GTr3oG2wiwhYoitUadgfFZscugO2KbNgvNijLUCGu8ivvWjuT5czh6KSqxoR8NbQJI1agEeSDyYleHJ6UnmvJNKmS4GfVo1fF4xisaA0ajhRUAPUx1tyqF7XXqzwcLCM4GK8LsXjzn8OwFmqI4DyJfO7dLTkTfwud8luFS-cAP-0a4Y80cisvWkQwk6h579JzweGi5FglT23AftllxX1HpmHyognRvCnrYTpQa73xla-offAWhwVv5vw6tsuQaa6fYMkTsk45Q2NDkLJBIjcKYIMkXjVdc6tQut4MBshIEBzCFkcCW_R61s2okt39tNemvTLHmA8P-WJ39CNZYNIi_AtmVOdfyzmx_wysqkTwf1SCBQZYKl_mjIR4hkQMPVnv-0eRdys1Bpga_2awjq8QbDyIqEG0uPG7EK6208cdlOcEHiD-xb0EgUGfscPjJllhX2x0tzJr7GLQIDhe6-rxc88QqCwqLH71vx2OyHZexniH_OtpH_v5y9XKT8G1xBNnDwnE6giTugnI3V3v1TvHR7e6PCxaUhb557VPredrT88xszDTSzigVTuEigCw0HcU7jGbbhjkS4AswnxuG4qQ7dgnC4MZoKfkNp1-tI4UMqHoqYXQb_SAqvT_zXyvIOqKTQprl56IDv_KznB69T9S5p7TV79ze_lLC58StjrGQPhWDneanm0ryXcCHrjmx97MhonZlNH8PM_BuCC06Gf8z-jVASRuDpGDgV67Ji4n7cPEmeNFfLvEVXWCMadykIIJZG96ijp9-Pu0Tj2B_EmLLFv7be5A26fdQZdmJoT1yidyiYtBSbyeQcD9e-kRF0J_zdPNNS_a8NXNddYjWZP5EqbX2_aMDUpykQ7LnzW2IC_YHCXBq3DR1b9Llig3KLN4ixp40AmqfB9iuPn16AfcsQ-l_LCZcgfVI1NmX7xfqbpegmKEL6TQ-3XzaY-z1InEX8UrPGRcd1Cv2SuinCPqve9jELWM8Nv-KS0_88oHcYNif3ti3fMp5bz90kQdYSv3fOpMkvPwLqF38Xk1A0tvo2ktDPqzW0ipxMvM1-UP5Quc91gayxU2gEI_OY4zBHu9hn8qPOssbSi-FEV9-MFqrsH_TynvdALmn3Eq1XQJi5OLi1J-7UAVZacC8TXMbmvdR0c1uDd86YdzFLBa03PgcHOtPDpLvtQ23XpW-c61QKuiYEGvqV-8jfQBRgBycKNDeuTOQMAP6998DI29y6RLybdebLyQbqJ9jMg3zdvqgU164UHXx8JBMGQSd_nKL_s5f05jXkKKCC4x05VE_H3WRJr4WX42kAcrBnPx1O2GozQ3tTqkUGHal573EKWj4CQ6US74aMdxYvDeWwvyyuWhaGZN9YnpPBd2af_D5OggoxJy6xfDzXeKZDaMivuuxLO4xJXq08jknJFrsDUxiAJGrxQmdJ8JzzYQrgi5YM7BQ9Q1FSgNRDwghMLurK4elHlYsdl0wjDjbhIp2tBZjfId_tpe2LGneHJEUzvnqjaPgUgprlYEAEViQFHMomVjU29ZyPhOvOq4KV2iNwXzZyB7rHulUP24aX-VIspCuNk6-DmimoZqMwlVB9qP-emH71EPQjYyHD7EdTavDg_L-MXrCE8V-ccRgK0EUoWKGU4PsW8EZ2yCsA1hz83uNwSHH6Lsnq6dbdzc1nU4goBIXzQgDvlTb5y5MMdU2pa_2ZjMiQuMN4qGDLRbqy-TDCBKNMbSWlpaC2hpAg-u_SJnp57i6qgyohcv2ZCXLdDQCyChAHNmDACbWo0uGQCRK96cNZUxMJuMSeoFWYBxjvocM1V6iZS1fL4-O7HiLMpfL5C40YxSzDTA51w5woSZaNJu5ovzgIXsqqQfxhmeLvSEZZDxnl-aiwbpm3XjSWHWzEiHhYmbC41L7ZIXUEymwyO1ps6Mb4hqA0WvyBcNxr35VREEDWGz17E3ol2uZjjo_1coU-N7RIa3ROZV6p8_37zNM5YFDE_OThc3j6K1LXXcmuwD0Vjj-wD3fzsHWSb291zmBcIrK2kSOhMJhRS8mx0L9zV9aziyGTDIoy7DdPfzMZKuIBjfVwX0r2ysa6X4QsMQ4xuTwafpjiMICm-9Orphk9QgB9B7fL8YW3c5XzgFX2lirjV77WwrAN4Kfc2QdC-j2b6if_WimNq2V2Y9C9DXRi9_D3-m3zV7wtSmLa-OSrovm5GQNesTUyGI5ZvrNcrdY7BDdeHEumPX4EV3I2wjmgp6CmZlB9edx3UHkzl0A9vCbTd-K7RMp9Gwkw4z-6ig687_MYbXhdwrQS5lmq6tygoptLwllA1axUcfze4_w2G2wRubNowxiMyICLNCYQiS5ARg6x8oI6oy1z3Y9TjalEBEgbGMRquH_EGEEe8dF6SEimnoG1eIdlw9_8fOmi3z3mJ1pfz7C_30NWpqYwtOIRNr-B9T6wERy68GvVby5sWsQRO3O_7Q9s91xBHgJc6GoMECicD662NRgoRkLrpvZOS7rxsxSEUd9VF1cXWjxbAWBSYZqOUTkd78vCJ-PiyePnRi0tLbo_taoc-9sneGjFSS5Ycvu8oD22Hgksfq4yQLV3Gop9qaXaRrMivF31ocwzkYLu7zUNkxvo9fjqNKEWuiuJOEMLD0O84U17AsnLpkDyCpxUMlzAIWJ_Pd_RDPbl_rIbqx1SvgSo9aNVmcyI7xrFkP35iDM4xpCEi7wKiTsNBXJcpQ2PsPZHAfRx8JHMZK1lY02eBxeaAMLs3Lzb8htQLuRk1pbThegcqxgggryu-pScrN9s_7ljl6M8mA67nI9&cid=CAASJORoyJxbzT4Hsp2x6YnoymAguovVHVxPc3cSH1nfHeWip9n9Mg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
6b93b384ba34761613cd707cafcfddf2730bbb3d59e7153c84c301c69084d5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33864
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA4E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BR3m-O4eov_A6p-BceqJN05828WvQFgOGBDeEV4FEIP0zS0qRr2Xq2iIzlu8UePvmxykLt09TyzJ1JHVEofkIcJTrWGBpzv2XBXSi1WWBQHRoLGS8
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame CA4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:48:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame CA4E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 19:33:21 GMT
l
www.google.com/ads/measurement/ Frame CA4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1xpOXcbDFcEgAKmjFRFObGrAHkocxResl9nvSQhPUwu9ABBdfYgSb7CMVe2KoACamYcQ35SapFa2xQzye_JubzHRkJg
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA4E 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:38:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7BA6 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaXShCmkVwYoPWmxwEwAQ&v=APEucNWmFSPmDNKEZ-32PJdCXmVrujTO8D_8aOrAyy36y-1c8IgDREGiMz6VmqMQmTePib39VfIlTwE3x9dIJ3_VAxx49IO-dA
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 21:38:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9B07 		73 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfDs8m1DMx9q0QkzS-NlAEl1MHfiK0_16djOLIdNVoXvbRQgyjkHrQYZ7WN4wgavYy2FliaiYx8OKbM-hupCILtB-h0A&cry=1&dbm_d=AKAmf-BizZG36aEvJ0fJrax8nXRLfxULv8Y3ygWs89XGFVCDpWxTtYHBTSbs8x8g5yE3duBqGaBrd-6dgAOxHfsiwDlBYx1EkBHC-rXRAj1wvAW-3DLlZvLw9xeDAL9ABjKJ46-rFMiQNp7zHuB4a1CU_lxlRx8GBgaW4lI6ZVdZijt-px1YgogP803r67tLP5C-sPdfO5YlrCy4mysF-1uJ2wEqipd6aBaTSjbTm5TvK_9dtZio7Ca79GC2Ph05TDDgWBMSY3jOhFQzeeZq5EUONHrFfPa0NO7bo_1lImP0D36ClCcdohGX7fr9Rk9aWzu6ZcGD3ZzU20aVz_xaNOK5QPmlCVpISyhL60TPabgYHtk6gXtjZmIBLxj3fwtXyuD0RrXygdUcVIUm-ISkrKG54aK5SCcYn8dtk09kFnu5R3Iiz7VV2Buh9-koghM5lQMA6kNEmoMkwk_-LG_1_fUV79AaAtMx7ISZlMCnuqxStHC6efEi7KUXAwCmK77hgH3WQQlbVuqWV-I_QHPaTve3qod_K3hnB_kmAlbWjlwLLbTwkXPkTnEOD5En-fr75I1axs6GNub_1e5QwFyQHyfOL06PhhHvWO7Jt7Wv3s8Ko3_4M-vbHr2dt52cH96VQTRCWqZRLfpbOXNF7yafcROXBngVf29CZZfYxDY_jXPCbGH4gZ_PrMjpi3t3nBDY1-Qo4Xf1omSzhOpWUlVk_QTmgGpEa2zvogYKLfmh9vU6KsD-UYxs6nswcIovtK4SQWlMcfrN4Rss_ZZ3yDSIUrUxmlZQEIpHFxQurXZy7G3ryWRSln3X-cufKTJ_7XVq_FOJ32dU-fqWilBMFl7wsZdQtKOvK2L5YgeQFRkIISFLi88XLVVqbeZkER5sYoUsNbkoRAY5bVzUsGeMH-yxPRBkxV9kiMF9DYOe3gD_qy9eSRGxrC_pukDl3Tx9QbXjKIjRhz-gCuCUI88qbTmHI8xp3SqorDUFV7mdZd2Ez3KU5C08lEVi5pu-q48DXiP3oSlz8qCygik-q-Z1g54odcw8_dE8xfkDS3vAIKWwou6nfcmACLCYHxKgrP0EEFNHkhoJK7_OuN1Oi_QOnKo-4asmjwaiGUtgRrl0QVXBG7mYl644-9rNMBW5ATcrU8z_TzqSnV2wTxyNpSVGiuUbdpyYsyiOM2pymFz-9GpKWIN39REFI9oHHxnB0jWX8wWFM0shEBi_T5Qv-O0-ZUZFkNEuIXDLyuY9pNbh5FhTVuC-2UBpZyVu2TrLLw5sQz6CZoqdq-W212VhYjqTmqSeHZcvZZAWAVBa8vBctjOASCCD6xv31sOwdUirhmuqd6M2k7we0G8vZ1ZggK0hBSN6OaWdKty6-JQl_WuJTfWcMauUqpdnU_IlDmKykSNOPWgi_lkorlkl0CL__eY3kkwm1rSNsJcGPe95gnheGJfWp3dpiuScZE9mQe67SZ3MZWdXnLFoGwzduGLqC0F8i1e0I5EgHDTrffjV9xXp2hN-E6z18wHfOg1y218aqwJm4i4eCs7au3PvYTHVU4_YJlxc88eDY8CwbcnB0aZX-XFS_MPGdwxWuO5Hm8ZyIn1UZVEa65B6dJqZeDXgRUmBed1bSFoPh5NqvDPWnHJciw7neqTmG0YJuAHfeuL4BPiNvTXgfKJAuqFsSu9XV1Vd5BwagVVaQy8PhTA--evgltjPJQWU2WEprzBtUYX2-y01ixtv1kQOzGI4wIBNOSUoKdVCnP-6W0TPiKhTNa88hZQEJWud07ccvlqGjIaf0vyD84Kc780wrPbBufm1Xdl0SvvYhIuL1UX_7emoHqFmhnqSsCbspBMWV-PqGn3MPX8LJpgRNII5Au017wtvT76_WXfMPQioPc_Ozm6t3uEKHzEbUpw0IaDq_gYnENoPI7uDJFCVY-aR0fM2KRPRhdGPcK5VVnuY_lEpV0NA_7WgUq8_S4sLZEAM-33F7gZVUbybgyLxuuLKNvdprSwb6J3-rjI_ZeiDrWxoqp2dl7rRg2_qhZiMkv3TAdto7FPHHRkjh2Y1golV0aZsh2ZpyhNvlL7dUnOaM-VVbrFfiEnS1DrSPt0rCGAuo9P7r-Xa_lPdUT4ZpNgM9BkWK03OyLVr6bTm-anJxYrmp6niLqP-z7D-DVeVAUK-Sg0a_tec6Q495Tyl_v1NkA4EqYdtexs47EahS6K_PWrs4tOa8SaruYHfUlFRW-gXQm56Zd92UDd9VZZOq-x8UAZC6PzBcf_SJMVYv9T-zYVWSGEKhUcTDvMPA8aOh4OoXQEUd9AxoC0ggKrXdrI47_QLqW5KIxbl-vBbdLd7CC-iPjHFdKD4cm3mEvF0MgGKwa2XGjBbyEX-nK-f0zl39E-WvTcLmkxhN0NNbYw7Gm2-Fk4lHoWNIwvo4pgCPoFcMVtx7XJ6PfYujY6cC2aKvmgnrCq-gdueCkyUTpo8EyjYgKSifInkG5pVcGpP3eq7mDcXzPQENI-9W9WDESeLpDTAwFycfrUJIi0bneFS-JFiIYtvFBewqILNu7wxIp9aSqZT6PCbHU1QwXh-V64vp8kXwBVI_ZCs7CTKfsiv8Ro-LR8fep5Cxe6s2yuIcR3zLwY27g2rheA30JIv02OUtNMC_dzEDafa6WgvdEnFCB1n8taznyMRafR_jENebW9KnSFOs7s4eL9GpJxtfYUATQyUrJFpAUc2fbzBCsWXFcM5SfD4T7KD8PRKVg4SBXeLjLOzPhPEDZmfQweMu3iyaV8F5WodlkhxrwLwNTnGGUVhzTvdlJjjmahyBNJ0kS7nufJNFJCRh99GCqy0mm4FFdmTwhKZ_ZW6gQAHolEKs3ls-OZREEs-8RBX4PO6vzcTfGbzxIorK2O4XrZPIbJP6A2YScktHo4Q5aXJ1gsRVXZyPwbkc8B4TFeZ6UC1W-i8ZwYYr2UnQRjLfYOZVXJYfwxqE4M3lIRUGt-3xtXmWTLRcdyXb4u8x9yrOI6nRtE-kY2EM6E9jwiUs_hz_5W2duXCLeu85_hrhFaozhA7ECuTdV4fM0q5do0FmBTcfPGFBc7nVf9aXA8bfuHiG6cllNg-_R7N4Y8cujE4omU7wC-JarF8bgFfSQ6WEh1aRzYsaLJMiPLJnbYf6UmS5Q7BwuV_Moj-7MZEpajKXCsHj-77tYCQj_yo9tbWQd890KpWcR5QxZA&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
7800cef2c62af22a675d2c16dd92d47707be5a30e36963ca5247585f1f7660bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34582
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B07 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dq-8hPkwOoY6jVS1wADqhIwhRJojxMADgmkvn2gMRSV15oTnJIbv8upnbspay2XMbeN3IaX2iyQ2x2fi_n3W27xIaoq2ewI_9Qpo3ve7ic7hvmUiw
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 9B07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:48:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 9B07 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 19:33:21 GMT
l
www.google.com/ads/measurement/ Frame 9B07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1iV5a1zRd5M7qK3E9mm8TsdqlLVyFpUhHGyaHFtmSQhv-MwyplGZ1IgJ-X84heKqw3G5zW6_9bk1G1_J09I4wwxhHQA
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B07 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Sep 2022 21:38:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 71D8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 29 Sep 2022 21:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame C295
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaQFRDwq4vjAhjmgenTATAB&v=APEucNUU3bcifqyDS1ARSe4N29jLNNxolADguWN2BAo1mnuSZoOjFpCIFzaHKdDdSxreGjfWFs5Hp7NSki-nSqdLudSLu_MVVA
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2UgAynxnxC%2FhKdRRVZ%2FpNTmFCuF8t7slmh3M0maoKqAxjoqhnyXzqcEYWzUPx8%2BGjsV2gz%2Ft92evtnruIMBuVfX2fOyZ%2B0%2BmPTKbV6mfZ08Lb0tsNPgB2Wpo7U2rM16b%2FP9yqe1%2BwwTqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7527dd0ca94d5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhcgUuk3tm1xaEyaF7yIBXf06M%2FiHf8Q%2FM%2B3V9PtxaLUDk5bUPJ3gkQFURUaIgVDStZTXPoGHdcU%2FYK9mnOaIKItKoZzxuiMKHy8MQZ%2FT5F%2B6Iixno8SGAJ4uNnwYcOHfUZZY%2BPo9uxzaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
cache-control
no-cache
cf-ray
7527dd0a9cb7fe91-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame C295
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzYQOvAjeHoupuwii0iPyQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaQFRDwq4vjAhjmgenTATAB&v=APEucNUU3bcifqyDS1ARSe4N29jLNNxolADguWN2BAo1mnuSZoOjFpCIFzaHKdDdSxreGjfWFs5Hp7NSki-nSqdLudSLu_MVVA
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvYdbu%2FbS%2BRImjnEuqYqLBAdT3urxqYpmSQnErPT4MLM5kFzHPfqM9DlniODNQb7jrLA9ymjqmiAeBoPVEwT%2F8EIKwy9XhSQFQ9cOCqyUTE1%2FNYf5dm4UtRwPOco9p8xPlVm65YBf1c9%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7527dd0f6d0d5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C295
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaQFRDwq4vjAhjmgenTATAB&v=APEucNUU3bcifqyDS1ARSe4N29jLNNxolADguWN2BAo1mnuSZoOjFpCIFzaHKdDdSxreGjfWFs5Hp7NSki-nSqdLudSLu_MVVA
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:38:02 GMT
AN-X-Request-Uuid
870e239b-fa9b-45cc-9ada-52319ab98f4d
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.17; 103.209.254.17; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C295
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaQFRDwq4vjAhjmgenTATAB&v=APEucNUU3bcifqyDS1ARSe4N29jLNNxolADguWN2BAo1mnuSZoOjFpCIFzaHKdDdSxreGjfWFs5Hp7NSki-nSqdLudSLu_MVVA
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:38:01 GMT
AN-X-Request-Uuid
ca7fdde2-86e2-45ba-bd82-677a230da525
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
103.209.254.17; 103.209.254.17; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7BA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaXShCmkVwYoPWmxwEwAQ&v=APEucNWmFSPmDNKEZ-32PJdCXmVrujTO8D_8aOrAyy36y-1c8IgDREGiMz6VmqMQmTePib39VfIlTwE3x9dIJ3_VAxx49IO-dA
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s2mgShQJEWjwUUATXOi%2FlBjGndTM8SDSFhOQZz6G9k%2F65ju%2FMiRP7H2y0vH0MNjtFtZxS62qHrJAZcHk%2B7Vdo11VCrWls1uQisOXcL8HCTf8hXO8vIT18VLGqbviGUudmMZkWmZmIEHWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7527dd0ca94b5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFOTowDfkRj2bqboC3BxM%2Fc26G%2F%2BCbLa2niuG4GDQUHR8AA%2B1xzCNfUQ4FOdacjswCT%2F8oVzEjlr5WOF2IH79HPQXJDYB3fVjRxfBFXQPGwzp8Cz25zA0PLlOTLIkhh7P1wljrx%2BYXY0Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1&C=1
cache-control
no-cache
cf-ray
7527dd0abcdcfe91-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 7BA6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzYQOhMXOyqi1ecU1Or4HgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaXShCmkVwYoPWmxwEwAQ&v=APEucNWmFSPmDNKEZ-32PJdCXmVrujTO8D_8aOrAyy36y-1c8IgDREGiMz6VmqMQmTePib39VfIlTwE3x9dIJ3_VAxx49IO-dA
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsDbW24Ze0Z5jhR%2FIyrxuBNPK491WEfcYF6wj3VszUe3hcGGWkVWeG1HxusA6T8vwBNIdM3BUf43tOD7e9ExpNWyVF4l%2FH1c3mR%2F2gyXQjvfg8xULrbVlsQTCapPJmy9crXxZsUey6ssiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7527dd0f5cfe5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH6c-7C9FuhJ4i2SnPdRObg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7BA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaXShCmkVwYoPWmxwEwAQ&v=APEucNWmFSPmDNKEZ-32PJdCXmVrujTO8D_8aOrAyy36y-1c8IgDREGiMz6VmqMQmTePib39VfIlTwE3x9dIJ3_VAxx49IO-dA
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:38:02 GMT
AN-X-Request-Uuid
03c25534-e31a-4849-9743-252cc5fdb283
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.17; 103.209.254.17; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKsugPJD0CaVU4CHe85copA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7BA6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaXShCmkVwYoPWmxwEwAQ&v=APEucNWmFSPmDNKEZ-32PJdCXmVrujTO8D_8aOrAyy36y-1c8IgDREGiMz6VmqMQmTePib39VfIlTwE3x9dIJ3_VAxx49IO-dA
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:38:02 GMT
AN-X-Request-Uuid
3adbf5b1-2e22-41ed-95a2-d8ea01a8e4b6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU3NjU1MjA0MTMwODg4MDgwOQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
103.209.254.17; 103.209.254.17; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CA4E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Origin
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 02:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Sep 2022 02:05:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/ Frame CA4E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX5atSglcAjEkWY-2xzXMZPkWzMrYJmRXmAPzQEcMXm8HyKu2izx33Hbvc--J9lJuxLkPjXdpJH3lpbgRu1I1NdL2_TbhyAnwG0eortuXJjKmXmG6xGDbjTKrAcKb5L10vxlty_RYYzw1MeHvfSTVhoySj2VDGqAo55GSihRYwL6J-U-zdta24OaHSZ9pkbqWMUjaa&cry=1&dbm_d=AKAmf-BJ12ObrQ8-QjWjlmUdKTh9ZdUP3GbBCpkUUNT525pH2rTp7urzOadt0xvlWZ7xuJwgq6zSFvr2XfYJrAcORSPPdp1o3ParYvHNA0xnImyAsZh06W4xdUDyTzH1k2eVYkWS9_M-8_CutNN32d29uPI-cF9ZAhA_ex_D3kM4GO5Sajl-5x0GVqHEreuYYY4oe_YN2JFU7TmJAdqlRvIAnDSzH5vgBFHnFhPGN-OKLnRsR0QxUwd3gJizvJhKK5iKnAiLSEWIJO2utg-2X-PRt4YOudBZedm7tV2r94M7JONu2mv9Cc8I5kGvU0wf0EpjddEovizKzyR60oDR-lwY7qzMT_MsngG5M3GWWAzEScVwFT8b77YLJ0Bda0adD2o_-apUdUrWd2p-vFWkpaz_sUcoTjbWHrMfYInYYwZBXSAibxiiC2bjTskspc76PZeQKyqSH7nZgavh7udPCiUyalT-a0fKeVljY7VWwch7zAVCjoL77bOlTZJjJTUFbzsM9YuAqS9S8a5jbqrSMuxLC2g6vRvwVBErIsO3Q8K2kpUOMbdubagmnB2UccXSkvtMEhRHhvmN_udMwkm_k9w9UNucSyVlYMdRci51fZWMdgDrXskvvwfAaY0ftDgPUfvNNDkW2x3QjbQU5lR8MWJ4sFo_TnVGWxLG77xc2qGGcV-acWCYccyWeTCFUrrE_Q-N3VFooxYjAJXwQW9_McAnh5KqrttIngtdAOEH3JtG-h-K7wxrbCU-dZObS5QOdLQTt_1dbFjwdesnapht9njH0BW084GTr3oG2wiwhYoitUadgfFZscugO2KbNgvNijLUCGu8ivvWjuT5czh6KSqxoR8NbQJI1agEeSDyYleHJ6UnmvJNKmS4GfVo1fF4xisaA0ajhRUAPUx1tyqF7XXqzwcLCM4GK8LsXjzn8OwFmqI4DyJfO7dLTkTfwud8luFS-cAP-0a4Y80cisvWkQwk6h579JzweGi5FglT23AftllxX1HpmHyognRvCnrYTpQa73xla-offAWhwVv5vw6tsuQaa6fYMkTsk45Q2NDkLJBIjcKYIMkXjVdc6tQut4MBshIEBzCFkcCW_R61s2okt39tNemvTLHmA8P-WJ39CNZYNIi_AtmVOdfyzmx_wysqkTwf1SCBQZYKl_mjIR4hkQMPVnv-0eRdys1Bpga_2awjq8QbDyIqEG0uPG7EK6208cdlOcEHiD-xb0EgUGfscPjJllhX2x0tzJr7GLQIDhe6-rxc88QqCwqLH71vx2OyHZexniH_OtpH_v5y9XKT8G1xBNnDwnE6giTugnI3V3v1TvHR7e6PCxaUhb557VPredrT88xszDTSzigVTuEigCw0HcU7jGbbhjkS4AswnxuG4qQ7dgnC4MZoKfkNp1-tI4UMqHoqYXQb_SAqvT_zXyvIOqKTQprl56IDv_KznB69T9S5p7TV79ze_lLC58StjrGQPhWDneanm0ryXcCHrjmx97MhonZlNH8PM_BuCC06Gf8z-jVASRuDpGDgV67Ji4n7cPEmeNFfLvEVXWCMadykIIJZG96ijp9-Pu0Tj2B_EmLLFv7be5A26fdQZdmJoT1yidyiYtBSbyeQcD9e-kRF0J_zdPNNS_a8NXNddYjWZP5EqbX2_aMDUpykQ7LnzW2IC_YHCXBq3DR1b9Llig3KLN4ixp40AmqfB9iuPn16AfcsQ-l_LCZcgfVI1NmX7xfqbpegmKEL6TQ-3XzaY-z1InEX8UrPGRcd1Cv2SuinCPqve9jELWM8Nv-KS0_88oHcYNif3ti3fMp5bz90kQdYSv3fOpMkvPwLqF38Xk1A0tvo2ktDPqzW0ipxMvM1-UP5Quc91gayxU2gEI_OY4zBHu9hn8qPOssbSi-FEV9-MFqrsH_TynvdALmn3Eq1XQJi5OLi1J-7UAVZacC8TXMbmvdR0c1uDd86YdzFLBa03PgcHOtPDpLvtQ23XpW-c61QKuiYEGvqV-8jfQBRgBycKNDeuTOQMAP6998DI29y6RLybdebLyQbqJ9jMg3zdvqgU164UHXx8JBMGQSd_nKL_s5f05jXkKKCC4x05VE_H3WRJr4WX42kAcrBnPx1O2GozQ3tTqkUGHal573EKWj4CQ6US74aMdxYvDeWwvyyuWhaGZN9YnpPBd2af_D5OggoxJy6xfDzXeKZDaMivuuxLO4xJXq08jknJFrsDUxiAJGrxQmdJ8JzzYQrgi5YM7BQ9Q1FSgNRDwghMLurK4elHlYsdl0wjDjbhIp2tBZjfId_tpe2LGneHJEUzvnqjaPgUgprlYEAEViQFHMomVjU29ZyPhOvOq4KV2iNwXzZyB7rHulUP24aX-VIspCuNk6-DmimoZqMwlVB9qP-emH71EPQjYyHD7EdTavDg_L-MXrCE8V-ccRgK0EUoWKGU4PsW8EZ2yCsA1hz83uNwSHH6Lsnq6dbdzc1nU4goBIXzQgDvlTb5y5MMdU2pa_2ZjMiQuMN4qGDLRbqy-TDCBKNMbSWlpaC2hpAg-u_SJnp57i6qgyohcv2ZCXLdDQCyChAHNmDACbWo0uGQCRK96cNZUxMJuMSeoFWYBxjvocM1V6iZS1fL4-O7HiLMpfL5C40YxSzDTA51w5woSZaNJu5ovzgIXsqqQfxhmeLvSEZZDxnl-aiwbpm3XjSWHWzEiHhYmbC41L7ZIXUEymwyO1ps6Mb4hqA0WvyBcNxr35VREEDWGz17E3ol2uZjjo_1coU-N7RIa3ROZV6p8_37zNM5YFDE_OThc3j6K1LXXcmuwD0Vjj-wD3fzsHWSb291zmBcIrK2kSOhMJhRS8mx0L9zV9aziyGTDIoy7DdPfzMZKuIBjfVwX0r2ysa6X4QsMQ4xuTwafpjiMICm-9Orphk9QgB9B7fL8YW3c5XzgFX2lirjV77WwrAN4Kfc2QdC-j2b6if_WimNq2V2Y9C9DXRi9_D3-m3zV7wtSmLa-OSrovm5GQNesTUyGI5ZvrNcrdY7BDdeHEumPX4EV3I2wjmgp6CmZlB9edx3UHkzl0A9vCbTd-K7RMp9Gwkw4z-6ig687_MYbXhdwrQS5lmq6tygoptLwllA1axUcfze4_w2G2wRubNowxiMyICLNCYQiS5ARg6x8oI6oy1z3Y9TjalEBEgbGMRquH_EGEEe8dF6SEimnoG1eIdlw9_8fOmi3z3mJ1pfz7C_30NWpqYwtOIRNr-B9T6wERy68GvVby5sWsQRO3O_7Q9s91xBHgJc6GoMECicD662NRgoRkLrpvZOS7rxsxSEUd9VF1cXWjxbAWBSYZqOUTkd78vCJ-PiyePnRi0tLbo_taoc-9sneGjFSS5Ycvu8oD22Hgksfq4yQLV3Gop9qaXaRrMivF31ocwzkYLu7zUNkxvo9fjqNKEWuiuJOEMLD0O84U17AsnLpkDyCpxUMlzAIWJ_Pd_RDPbl_rIbqx1SvgSo9aNVmcyI7xrFkP35iDM4xpCEi7wKiTsNBXJcpQ2PsPZHAfRx8JHMZK1lY02eBxeaAMLs3Lzb8htQLuRk1pbThegcqxgggryu-pScrN9s_7ljl6M8mA67nI9&cid=CAASJORoyJxbzT4Hsp2x6YnoymAguovVHVxPc3cSH1nfHeWip9n9Mg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 19:32:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame CA4E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX5atSglcAjEkWY-2xzXMZPkWzMrYJmRXmAPzQEcMXm8HyKu2izx33Hbvc--J9lJuxLkPjXdpJH3lpbgRu1I1NdL2_TbhyAnwG0eortuXJjKmXmG6xGDbjTKrAcKb5L10vxlty_RYYzw1MeHvfSTVhoySj2VDGqAo55GSihRYwL6J-U-zdta24OaHSZ9pkbqWMUjaa&cry=1&dbm_d=AKAmf-BJ12ObrQ8-QjWjlmUdKTh9ZdUP3GbBCpkUUNT525pH2rTp7urzOadt0xvlWZ7xuJwgq6zSFvr2XfYJrAcORSPPdp1o3ParYvHNA0xnImyAsZh06W4xdUDyTzH1k2eVYkWS9_M-8_CutNN32d29uPI-cF9ZAhA_ex_D3kM4GO5Sajl-5x0GVqHEreuYYY4oe_YN2JFU7TmJAdqlRvIAnDSzH5vgBFHnFhPGN-OKLnRsR0QxUwd3gJizvJhKK5iKnAiLSEWIJO2utg-2X-PRt4YOudBZedm7tV2r94M7JONu2mv9Cc8I5kGvU0wf0EpjddEovizKzyR60oDR-lwY7qzMT_MsngG5M3GWWAzEScVwFT8b77YLJ0Bda0adD2o_-apUdUrWd2p-vFWkpaz_sUcoTjbWHrMfYInYYwZBXSAibxiiC2bjTskspc76PZeQKyqSH7nZgavh7udPCiUyalT-a0fKeVljY7VWwch7zAVCjoL77bOlTZJjJTUFbzsM9YuAqS9S8a5jbqrSMuxLC2g6vRvwVBErIsO3Q8K2kpUOMbdubagmnB2UccXSkvtMEhRHhvmN_udMwkm_k9w9UNucSyVlYMdRci51fZWMdgDrXskvvwfAaY0ftDgPUfvNNDkW2x3QjbQU5lR8MWJ4sFo_TnVGWxLG77xc2qGGcV-acWCYccyWeTCFUrrE_Q-N3VFooxYjAJXwQW9_McAnh5KqrttIngtdAOEH3JtG-h-K7wxrbCU-dZObS5QOdLQTt_1dbFjwdesnapht9njH0BW084GTr3oG2wiwhYoitUadgfFZscugO2KbNgvNijLUCGu8ivvWjuT5czh6KSqxoR8NbQJI1agEeSDyYleHJ6UnmvJNKmS4GfVo1fF4xisaA0ajhRUAPUx1tyqF7XXqzwcLCM4GK8LsXjzn8OwFmqI4DyJfO7dLTkTfwud8luFS-cAP-0a4Y80cisvWkQwk6h579JzweGi5FglT23AftllxX1HpmHyognRvCnrYTpQa73xla-offAWhwVv5vw6tsuQaa6fYMkTsk45Q2NDkLJBIjcKYIMkXjVdc6tQut4MBshIEBzCFkcCW_R61s2okt39tNemvTLHmA8P-WJ39CNZYNIi_AtmVOdfyzmx_wysqkTwf1SCBQZYKl_mjIR4hkQMPVnv-0eRdys1Bpga_2awjq8QbDyIqEG0uPG7EK6208cdlOcEHiD-xb0EgUGfscPjJllhX2x0tzJr7GLQIDhe6-rxc88QqCwqLH71vx2OyHZexniH_OtpH_v5y9XKT8G1xBNnDwnE6giTugnI3V3v1TvHR7e6PCxaUhb557VPredrT88xszDTSzigVTuEigCw0HcU7jGbbhjkS4AswnxuG4qQ7dgnC4MZoKfkNp1-tI4UMqHoqYXQb_SAqvT_zXyvIOqKTQprl56IDv_KznB69T9S5p7TV79ze_lLC58StjrGQPhWDneanm0ryXcCHrjmx97MhonZlNH8PM_BuCC06Gf8z-jVASRuDpGDgV67Ji4n7cPEmeNFfLvEVXWCMadykIIJZG96ijp9-Pu0Tj2B_EmLLFv7be5A26fdQZdmJoT1yidyiYtBSbyeQcD9e-kRF0J_zdPNNS_a8NXNddYjWZP5EqbX2_aMDUpykQ7LnzW2IC_YHCXBq3DR1b9Llig3KLN4ixp40AmqfB9iuPn16AfcsQ-l_LCZcgfVI1NmX7xfqbpegmKEL6TQ-3XzaY-z1InEX8UrPGRcd1Cv2SuinCPqve9jELWM8Nv-KS0_88oHcYNif3ti3fMp5bz90kQdYSv3fOpMkvPwLqF38Xk1A0tvo2ktDPqzW0ipxMvM1-UP5Quc91gayxU2gEI_OY4zBHu9hn8qPOssbSi-FEV9-MFqrsH_TynvdALmn3Eq1XQJi5OLi1J-7UAVZacC8TXMbmvdR0c1uDd86YdzFLBa03PgcHOtPDpLvtQ23XpW-c61QKuiYEGvqV-8jfQBRgBycKNDeuTOQMAP6998DI29y6RLybdebLyQbqJ9jMg3zdvqgU164UHXx8JBMGQSd_nKL_s5f05jXkKKCC4x05VE_H3WRJr4WX42kAcrBnPx1O2GozQ3tTqkUGHal573EKWj4CQ6US74aMdxYvDeWwvyyuWhaGZN9YnpPBd2af_D5OggoxJy6xfDzXeKZDaMivuuxLO4xJXq08jknJFrsDUxiAJGrxQmdJ8JzzYQrgi5YM7BQ9Q1FSgNRDwghMLurK4elHlYsdl0wjDjbhIp2tBZjfId_tpe2LGneHJEUzvnqjaPgUgprlYEAEViQFHMomVjU29ZyPhOvOq4KV2iNwXzZyB7rHulUP24aX-VIspCuNk6-DmimoZqMwlVB9qP-emH71EPQjYyHD7EdTavDg_L-MXrCE8V-ccRgK0EUoWKGU4PsW8EZ2yCsA1hz83uNwSHH6Lsnq6dbdzc1nU4goBIXzQgDvlTb5y5MMdU2pa_2ZjMiQuMN4qGDLRbqy-TDCBKNMbSWlpaC2hpAg-u_SJnp57i6qgyohcv2ZCXLdDQCyChAHNmDACbWo0uGQCRK96cNZUxMJuMSeoFWYBxjvocM1V6iZS1fL4-O7HiLMpfL5C40YxSzDTA51w5woSZaNJu5ovzgIXsqqQfxhmeLvSEZZDxnl-aiwbpm3XjSWHWzEiHhYmbC41L7ZIXUEymwyO1ps6Mb4hqA0WvyBcNxr35VREEDWGz17E3ol2uZjjo_1coU-N7RIa3ROZV6p8_37zNM5YFDE_OThc3j6K1LXXcmuwD0Vjj-wD3fzsHWSb291zmBcIrK2kSOhMJhRS8mx0L9zV9aziyGTDIoy7DdPfzMZKuIBjfVwX0r2ysa6X4QsMQ4xuTwafpjiMICm-9Orphk9QgB9B7fL8YW3c5XzgFX2lirjV77WwrAN4Kfc2QdC-j2b6if_WimNq2V2Y9C9DXRi9_D3-m3zV7wtSmLa-OSrovm5GQNesTUyGI5ZvrNcrdY7BDdeHEumPX4EV3I2wjmgp6CmZlB9edx3UHkzl0A9vCbTd-K7RMp9Gwkw4z-6ig687_MYbXhdwrQS5lmq6tygoptLwllA1axUcfze4_w2G2wRubNowxiMyICLNCYQiS5ARg6x8oI6oy1z3Y9TjalEBEgbGMRquH_EGEEe8dF6SEimnoG1eIdlw9_8fOmi3z3mJ1pfz7C_30NWpqYwtOIRNr-B9T6wERy68GvVby5sWsQRO3O_7Q9s91xBHgJc6GoMECicD662NRgoRkLrpvZOS7rxsxSEUd9VF1cXWjxbAWBSYZqOUTkd78vCJ-PiyePnRi0tLbo_taoc-9sneGjFSS5Ycvu8oD22Hgksfq4yQLV3Gop9qaXaRrMivF31ocwzkYLu7zUNkxvo9fjqNKEWuiuJOEMLD0O84U17AsnLpkDyCpxUMlzAIWJ_Pd_RDPbl_rIbqx1SvgSo9aNVmcyI7xrFkP35iDM4xpCEi7wKiTsNBXJcpQ2PsPZHAfRx8JHMZK1lY02eBxeaAMLs3Lzb8htQLuRk1pbThegcqxgggryu-pScrN9s_7ljl6M8mA67nI9&cid=CAASJORoyJxbzT4Hsp2x6YnoymAguovVHVxPc3cSH1nfHeWip9n9Mg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:33:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 9B07 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfDs8m1DMx9q0QkzS-NlAEl1MHfiK0_16djOLIdNVoXvbRQgyjkHrQYZ7WN4wgavYy2FliaiYx8OKbM-hupCILtB-h0A&cry=1&dbm_d=AKAmf-BizZG36aEvJ0fJrax8nXRLfxULv8Y3ygWs89XGFVCDpWxTtYHBTSbs8x8g5yE3duBqGaBrd-6dgAOxHfsiwDlBYx1EkBHC-rXRAj1wvAW-3DLlZvLw9xeDAL9ABjKJ46-rFMiQNp7zHuB4a1CU_lxlRx8GBgaW4lI6ZVdZijt-px1YgogP803r67tLP5C-sPdfO5YlrCy4mysF-1uJ2wEqipd6aBaTSjbTm5TvK_9dtZio7Ca79GC2Ph05TDDgWBMSY3jOhFQzeeZq5EUONHrFfPa0NO7bo_1lImP0D36ClCcdohGX7fr9Rk9aWzu6ZcGD3ZzU20aVz_xaNOK5QPmlCVpISyhL60TPabgYHtk6gXtjZmIBLxj3fwtXyuD0RrXygdUcVIUm-ISkrKG54aK5SCcYn8dtk09kFnu5R3Iiz7VV2Buh9-koghM5lQMA6kNEmoMkwk_-LG_1_fUV79AaAtMx7ISZlMCnuqxStHC6efEi7KUXAwCmK77hgH3WQQlbVuqWV-I_QHPaTve3qod_K3hnB_kmAlbWjlwLLbTwkXPkTnEOD5En-fr75I1axs6GNub_1e5QwFyQHyfOL06PhhHvWO7Jt7Wv3s8Ko3_4M-vbHr2dt52cH96VQTRCWqZRLfpbOXNF7yafcROXBngVf29CZZfYxDY_jXPCbGH4gZ_PrMjpi3t3nBDY1-Qo4Xf1omSzhOpWUlVk_QTmgGpEa2zvogYKLfmh9vU6KsD-UYxs6nswcIovtK4SQWlMcfrN4Rss_ZZ3yDSIUrUxmlZQEIpHFxQurXZy7G3ryWRSln3X-cufKTJ_7XVq_FOJ32dU-fqWilBMFl7wsZdQtKOvK2L5YgeQFRkIISFLi88XLVVqbeZkER5sYoUsNbkoRAY5bVzUsGeMH-yxPRBkxV9kiMF9DYOe3gD_qy9eSRGxrC_pukDl3Tx9QbXjKIjRhz-gCuCUI88qbTmHI8xp3SqorDUFV7mdZd2Ez3KU5C08lEVi5pu-q48DXiP3oSlz8qCygik-q-Z1g54odcw8_dE8xfkDS3vAIKWwou6nfcmACLCYHxKgrP0EEFNHkhoJK7_OuN1Oi_QOnKo-4asmjwaiGUtgRrl0QVXBG7mYl644-9rNMBW5ATcrU8z_TzqSnV2wTxyNpSVGiuUbdpyYsyiOM2pymFz-9GpKWIN39REFI9oHHxnB0jWX8wWFM0shEBi_T5Qv-O0-ZUZFkNEuIXDLyuY9pNbh5FhTVuC-2UBpZyVu2TrLLw5sQz6CZoqdq-W212VhYjqTmqSeHZcvZZAWAVBa8vBctjOASCCD6xv31sOwdUirhmuqd6M2k7we0G8vZ1ZggK0hBSN6OaWdKty6-JQl_WuJTfWcMauUqpdnU_IlDmKykSNOPWgi_lkorlkl0CL__eY3kkwm1rSNsJcGPe95gnheGJfWp3dpiuScZE9mQe67SZ3MZWdXnLFoGwzduGLqC0F8i1e0I5EgHDTrffjV9xXp2hN-E6z18wHfOg1y218aqwJm4i4eCs7au3PvYTHVU4_YJlxc88eDY8CwbcnB0aZX-XFS_MPGdwxWuO5Hm8ZyIn1UZVEa65B6dJqZeDXgRUmBed1bSFoPh5NqvDPWnHJciw7neqTmG0YJuAHfeuL4BPiNvTXgfKJAuqFsSu9XV1Vd5BwagVVaQy8PhTA--evgltjPJQWU2WEprzBtUYX2-y01ixtv1kQOzGI4wIBNOSUoKdVCnP-6W0TPiKhTNa88hZQEJWud07ccvlqGjIaf0vyD84Kc780wrPbBufm1Xdl0SvvYhIuL1UX_7emoHqFmhnqSsCbspBMWV-PqGn3MPX8LJpgRNII5Au017wtvT76_WXfMPQioPc_Ozm6t3uEKHzEbUpw0IaDq_gYnENoPI7uDJFCVY-aR0fM2KRPRhdGPcK5VVnuY_lEpV0NA_7WgUq8_S4sLZEAM-33F7gZVUbybgyLxuuLKNvdprSwb6J3-rjI_ZeiDrWxoqp2dl7rRg2_qhZiMkv3TAdto7FPHHRkjh2Y1golV0aZsh2ZpyhNvlL7dUnOaM-VVbrFfiEnS1DrSPt0rCGAuo9P7r-Xa_lPdUT4ZpNgM9BkWK03OyLVr6bTm-anJxYrmp6niLqP-z7D-DVeVAUK-Sg0a_tec6Q495Tyl_v1NkA4EqYdtexs47EahS6K_PWrs4tOa8SaruYHfUlFRW-gXQm56Zd92UDd9VZZOq-x8UAZC6PzBcf_SJMVYv9T-zYVWSGEKhUcTDvMPA8aOh4OoXQEUd9AxoC0ggKrXdrI47_QLqW5KIxbl-vBbdLd7CC-iPjHFdKD4cm3mEvF0MgGKwa2XGjBbyEX-nK-f0zl39E-WvTcLmkxhN0NNbYw7Gm2-Fk4lHoWNIwvo4pgCPoFcMVtx7XJ6PfYujY6cC2aKvmgnrCq-gdueCkyUTpo8EyjYgKSifInkG5pVcGpP3eq7mDcXzPQENI-9W9WDESeLpDTAwFycfrUJIi0bneFS-JFiIYtvFBewqILNu7wxIp9aSqZT6PCbHU1QwXh-V64vp8kXwBVI_ZCs7CTKfsiv8Ro-LR8fep5Cxe6s2yuIcR3zLwY27g2rheA30JIv02OUtNMC_dzEDafa6WgvdEnFCB1n8taznyMRafR_jENebW9KnSFOs7s4eL9GpJxtfYUATQyUrJFpAUc2fbzBCsWXFcM5SfD4T7KD8PRKVg4SBXeLjLOzPhPEDZmfQweMu3iyaV8F5WodlkhxrwLwNTnGGUVhzTvdlJjjmahyBNJ0kS7nufJNFJCRh99GCqy0mm4FFdmTwhKZ_ZW6gQAHolEKs3ls-OZREEs-8RBX4PO6vzcTfGbzxIorK2O4XrZPIbJP6A2YScktHo4Q5aXJ1gsRVXZyPwbkc8B4TFeZ6UC1W-i8ZwYYr2UnQRjLfYOZVXJYfwxqE4M3lIRUGt-3xtXmWTLRcdyXb4u8x9yrOI6nRtE-kY2EM6E9jwiUs_hz_5W2duXCLeu85_hrhFaozhA7ECuTdV4fM0q5do0FmBTcfPGFBc7nVf9aXA8bfuHiG6cllNg-_R7N4Y8cujE4omU7wC-JarF8bgFfSQ6WEh1aRzYsaLJMiPLJnbYf6UmS5Q7BwuV_Moj-7MZEpajKXCsHj-77tYCQj_yo9tbWQd890KpWcR5QxZA&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:33:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/ Frame 9B07 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfDs8m1DMx9q0QkzS-NlAEl1MHfiK0_16djOLIdNVoXvbRQgyjkHrQYZ7WN4wgavYy2FliaiYx8OKbM-hupCILtB-h0A&cry=1&dbm_d=AKAmf-BizZG36aEvJ0fJrax8nXRLfxULv8Y3ygWs89XGFVCDpWxTtYHBTSbs8x8g5yE3duBqGaBrd-6dgAOxHfsiwDlBYx1EkBHC-rXRAj1wvAW-3DLlZvLw9xeDAL9ABjKJ46-rFMiQNp7zHuB4a1CU_lxlRx8GBgaW4lI6ZVdZijt-px1YgogP803r67tLP5C-sPdfO5YlrCy4mysF-1uJ2wEqipd6aBaTSjbTm5TvK_9dtZio7Ca79GC2Ph05TDDgWBMSY3jOhFQzeeZq5EUONHrFfPa0NO7bo_1lImP0D36ClCcdohGX7fr9Rk9aWzu6ZcGD3ZzU20aVz_xaNOK5QPmlCVpISyhL60TPabgYHtk6gXtjZmIBLxj3fwtXyuD0RrXygdUcVIUm-ISkrKG54aK5SCcYn8dtk09kFnu5R3Iiz7VV2Buh9-koghM5lQMA6kNEmoMkwk_-LG_1_fUV79AaAtMx7ISZlMCnuqxStHC6efEi7KUXAwCmK77hgH3WQQlbVuqWV-I_QHPaTve3qod_K3hnB_kmAlbWjlwLLbTwkXPkTnEOD5En-fr75I1axs6GNub_1e5QwFyQHyfOL06PhhHvWO7Jt7Wv3s8Ko3_4M-vbHr2dt52cH96VQTRCWqZRLfpbOXNF7yafcROXBngVf29CZZfYxDY_jXPCbGH4gZ_PrMjpi3t3nBDY1-Qo4Xf1omSzhOpWUlVk_QTmgGpEa2zvogYKLfmh9vU6KsD-UYxs6nswcIovtK4SQWlMcfrN4Rss_ZZ3yDSIUrUxmlZQEIpHFxQurXZy7G3ryWRSln3X-cufKTJ_7XVq_FOJ32dU-fqWilBMFl7wsZdQtKOvK2L5YgeQFRkIISFLi88XLVVqbeZkER5sYoUsNbkoRAY5bVzUsGeMH-yxPRBkxV9kiMF9DYOe3gD_qy9eSRGxrC_pukDl3Tx9QbXjKIjRhz-gCuCUI88qbTmHI8xp3SqorDUFV7mdZd2Ez3KU5C08lEVi5pu-q48DXiP3oSlz8qCygik-q-Z1g54odcw8_dE8xfkDS3vAIKWwou6nfcmACLCYHxKgrP0EEFNHkhoJK7_OuN1Oi_QOnKo-4asmjwaiGUtgRrl0QVXBG7mYl644-9rNMBW5ATcrU8z_TzqSnV2wTxyNpSVGiuUbdpyYsyiOM2pymFz-9GpKWIN39REFI9oHHxnB0jWX8wWFM0shEBi_T5Qv-O0-ZUZFkNEuIXDLyuY9pNbh5FhTVuC-2UBpZyVu2TrLLw5sQz6CZoqdq-W212VhYjqTmqSeHZcvZZAWAVBa8vBctjOASCCD6xv31sOwdUirhmuqd6M2k7we0G8vZ1ZggK0hBSN6OaWdKty6-JQl_WuJTfWcMauUqpdnU_IlDmKykSNOPWgi_lkorlkl0CL__eY3kkwm1rSNsJcGPe95gnheGJfWp3dpiuScZE9mQe67SZ3MZWdXnLFoGwzduGLqC0F8i1e0I5EgHDTrffjV9xXp2hN-E6z18wHfOg1y218aqwJm4i4eCs7au3PvYTHVU4_YJlxc88eDY8CwbcnB0aZX-XFS_MPGdwxWuO5Hm8ZyIn1UZVEa65B6dJqZeDXgRUmBed1bSFoPh5NqvDPWnHJciw7neqTmG0YJuAHfeuL4BPiNvTXgfKJAuqFsSu9XV1Vd5BwagVVaQy8PhTA--evgltjPJQWU2WEprzBtUYX2-y01ixtv1kQOzGI4wIBNOSUoKdVCnP-6W0TPiKhTNa88hZQEJWud07ccvlqGjIaf0vyD84Kc780wrPbBufm1Xdl0SvvYhIuL1UX_7emoHqFmhnqSsCbspBMWV-PqGn3MPX8LJpgRNII5Au017wtvT76_WXfMPQioPc_Ozm6t3uEKHzEbUpw0IaDq_gYnENoPI7uDJFCVY-aR0fM2KRPRhdGPcK5VVnuY_lEpV0NA_7WgUq8_S4sLZEAM-33F7gZVUbybgyLxuuLKNvdprSwb6J3-rjI_ZeiDrWxoqp2dl7rRg2_qhZiMkv3TAdto7FPHHRkjh2Y1golV0aZsh2ZpyhNvlL7dUnOaM-VVbrFfiEnS1DrSPt0rCGAuo9P7r-Xa_lPdUT4ZpNgM9BkWK03OyLVr6bTm-anJxYrmp6niLqP-z7D-DVeVAUK-Sg0a_tec6Q495Tyl_v1NkA4EqYdtexs47EahS6K_PWrs4tOa8SaruYHfUlFRW-gXQm56Zd92UDd9VZZOq-x8UAZC6PzBcf_SJMVYv9T-zYVWSGEKhUcTDvMPA8aOh4OoXQEUd9AxoC0ggKrXdrI47_QLqW5KIxbl-vBbdLd7CC-iPjHFdKD4cm3mEvF0MgGKwa2XGjBbyEX-nK-f0zl39E-WvTcLmkxhN0NNbYw7Gm2-Fk4lHoWNIwvo4pgCPoFcMVtx7XJ6PfYujY6cC2aKvmgnrCq-gdueCkyUTpo8EyjYgKSifInkG5pVcGpP3eq7mDcXzPQENI-9W9WDESeLpDTAwFycfrUJIi0bneFS-JFiIYtvFBewqILNu7wxIp9aSqZT6PCbHU1QwXh-V64vp8kXwBVI_ZCs7CTKfsiv8Ro-LR8fep5Cxe6s2yuIcR3zLwY27g2rheA30JIv02OUtNMC_dzEDafa6WgvdEnFCB1n8taznyMRafR_jENebW9KnSFOs7s4eL9GpJxtfYUATQyUrJFpAUc2fbzBCsWXFcM5SfD4T7KD8PRKVg4SBXeLjLOzPhPEDZmfQweMu3iyaV8F5WodlkhxrwLwNTnGGUVhzTvdlJjjmahyBNJ0kS7nufJNFJCRh99GCqy0mm4FFdmTwhKZ_ZW6gQAHolEKs3ls-OZREEs-8RBX4PO6vzcTfGbzxIorK2O4XrZPIbJP6A2YScktHo4Q5aXJ1gsRVXZyPwbkc8B4TFeZ6UC1W-i8ZwYYr2UnQRjLfYOZVXJYfwxqE4M3lIRUGt-3xtXmWTLRcdyXb4u8x9yrOI6nRtE-kY2EM6E9jwiUs_hz_5W2duXCLeu85_hrhFaozhA7ECuTdV4fM0q5do0FmBTcfPGFBc7nVf9aXA8bfuHiG6cllNg-_R7N4Y8cujE4omU7wC-JarF8bgFfSQ6WEh1aRzYsaLJMiPLJnbYf6UmS5Q7BwuV_Moj-7MZEpajKXCsHj-77tYCQj_yo9tbWQd890KpWcR5QxZA&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 19:32:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9B07 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5FKVF-eFauf6UfwDM9vdKTkLfEO5dUuMCUyycwIgOVOqrB-WA9T1Y63aTbipR78aTFdjqkDkS1IRyrHf4D2Dd4BpWgWDRbxc13A2SNAr0TT2ZKFmJ4r1w4Odt0ueDwgnig57mhg6CVfOzl8Q0_QEr9d1n4eRf-YDSIA7ywNKr0XMuI6qw_UjYnAYgRTYsX0wBcbvU41ilEy9z99gSYjv-IU1R-bsI3WplMqag0eTkdSACkglOPrz0sGDXjeHbZSfvBlgJJBgrwzVTVyZLHxGbMFqWFZdDN6WDXooBPWN5y2ZkUyqsnAEcpie6lIxU_AacBL7e7cpNyXiffesdYWaO_5m0Uw5cdsOWgNl89XqlIBvnc4LSLynHVlkYgLbnDWy5bFEEDs-CtELacuRtT2ot54Y403DyFggs4j3k5uKwmogn9EhZN3AOrtdZ6fwo0acPT7cm1sZtX7BET_K4HTs914zgMf-db7kKMbFETjrHLQn9kYgznDrellsQJP-WZsYhbi1He3y4JnK_l3W-PyBT1t4Ew0glghYuTbbh2grc91hsa8KnPAu9Yqr3beO1irRNgRcxduKCxyAMYG365jjgrZ1FaYgxnpfi6hB91LKabUkjgElgV8aWJ98s6yHEQ_uDWc6uqkqFFB_RcejUHEqRi7pKaVre0mBJck3EwOMWDAk772ZJk2DrJyfHzx6_MHXAgJOX0S4pqhQQdOYkXRnYmvO8SMuhcA_ynMbPfJnHnaMRIvLE2wo2CWOm-OP-REhs6h7cycovtgYBYG7vrj50AmOwPEMjtEtcjSTNcSMYbDJgFgG38kz-vI7tRtQTOvwDsbZFJ3S5q1kGNThABGHBHzAt3mVzpSG-Y_kwkt3Jx0c0xUIP0j6BT6T9UYlA0TqAGiGICZRY3Z7rfzqVYWxGBZEv7r_9JFAwyYhQ-dyv8R79GjaYG6Zh9jKUwxGbFAMZiAOb8rAu_pvauWNQR7oPvZ6lIZS5ulGjzwRejgjoL3y9RAfAR3INa4dSsvizGd_4x2tmuU_ld2FAd1Jv_rjuldaQRXawYL81geXET9PwUTgQdBCGurEG80koY-ZpgNsKgRUjnrhVZMOM_ggbT-3vJ9odjneAjiqZ3QDmkW4MOHcl2SBRWmUoch3_HKRJ7H1KbEMIUvVZ1gKFfFRI2ls6pI_6cznfYwNKChJ7HpIv17O6L63vbPTKgtGL66eE8NEz9xxP9vW9NsTiW4gUnCOGIeAh_8rTnRb2ePdgFw&sai=AMfl-YSxnuPFEglXbbm3Bfy3KOg6dwaNsRnfXZMQfIyBtR0P1oSCk6fukFlbzAB2dwqjRYGqfU58Itr6RGVMusM2L9S0RyOqStFDt0aDb3QCJ9cbpFaATfI76DNrs2Gb7LMbSVKlS1Y0OUkIbWQDg6ovh5SSp_647tZpxOXOO9BkT8ATFEHby3D0IO92b689J2HKi0CgfTlczUwA7V-MBzJYY6dR&sig=Cg0ArKJSzAEqODokyO0oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220927.98927&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfDs8m1DMx9q0QkzS-NlAEl1MHfiK0_16djOLIdNVoXvbRQgyjkHrQYZ7WN4wgavYy2FliaiYx8OKbM-hupCILtB-h0A&cry=1&dbm_d=AKAmf-BizZG36aEvJ0fJrax8nXRLfxULv8Y3ygWs89XGFVCDpWxTtYHBTSbs8x8g5yE3duBqGaBrd-6dgAOxHfsiwDlBYx1EkBHC-rXRAj1wvAW-3DLlZvLw9xeDAL9ABjKJ46-rFMiQNp7zHuB4a1CU_lxlRx8GBgaW4lI6ZVdZijt-px1YgogP803r67tLP5C-sPdfO5YlrCy4mysF-1uJ2wEqipd6aBaTSjbTm5TvK_9dtZio7Ca79GC2Ph05TDDgWBMSY3jOhFQzeeZq5EUONHrFfPa0NO7bo_1lImP0D36ClCcdohGX7fr9Rk9aWzu6ZcGD3ZzU20aVz_xaNOK5QPmlCVpISyhL60TPabgYHtk6gXtjZmIBLxj3fwtXyuD0RrXygdUcVIUm-ISkrKG54aK5SCcYn8dtk09kFnu5R3Iiz7VV2Buh9-koghM5lQMA6kNEmoMkwk_-LG_1_fUV79AaAtMx7ISZlMCnuqxStHC6efEi7KUXAwCmK77hgH3WQQlbVuqWV-I_QHPaTve3qod_K3hnB_kmAlbWjlwLLbTwkXPkTnEOD5En-fr75I1axs6GNub_1e5QwFyQHyfOL06PhhHvWO7Jt7Wv3s8Ko3_4M-vbHr2dt52cH96VQTRCWqZRLfpbOXNF7yafcROXBngVf29CZZfYxDY_jXPCbGH4gZ_PrMjpi3t3nBDY1-Qo4Xf1omSzhOpWUlVk_QTmgGpEa2zvogYKLfmh9vU6KsD-UYxs6nswcIovtK4SQWlMcfrN4Rss_ZZ3yDSIUrUxmlZQEIpHFxQurXZy7G3ryWRSln3X-cufKTJ_7XVq_FOJ32dU-fqWilBMFl7wsZdQtKOvK2L5YgeQFRkIISFLi88XLVVqbeZkER5sYoUsNbkoRAY5bVzUsGeMH-yxPRBkxV9kiMF9DYOe3gD_qy9eSRGxrC_pukDl3Tx9QbXjKIjRhz-gCuCUI88qbTmHI8xp3SqorDUFV7mdZd2Ez3KU5C08lEVi5pu-q48DXiP3oSlz8qCygik-q-Z1g54odcw8_dE8xfkDS3vAIKWwou6nfcmACLCYHxKgrP0EEFNHkhoJK7_OuN1Oi_QOnKo-4asmjwaiGUtgRrl0QVXBG7mYl644-9rNMBW5ATcrU8z_TzqSnV2wTxyNpSVGiuUbdpyYsyiOM2pymFz-9GpKWIN39REFI9oHHxnB0jWX8wWFM0shEBi_T5Qv-O0-ZUZFkNEuIXDLyuY9pNbh5FhTVuC-2UBpZyVu2TrLLw5sQz6CZoqdq-W212VhYjqTmqSeHZcvZZAWAVBa8vBctjOASCCD6xv31sOwdUirhmuqd6M2k7we0G8vZ1ZggK0hBSN6OaWdKty6-JQl_WuJTfWcMauUqpdnU_IlDmKykSNOPWgi_lkorlkl0CL__eY3kkwm1rSNsJcGPe95gnheGJfWp3dpiuScZE9mQe67SZ3MZWdXnLFoGwzduGLqC0F8i1e0I5EgHDTrffjV9xXp2hN-E6z18wHfOg1y218aqwJm4i4eCs7au3PvYTHVU4_YJlxc88eDY8CwbcnB0aZX-XFS_MPGdwxWuO5Hm8ZyIn1UZVEa65B6dJqZeDXgRUmBed1bSFoPh5NqvDPWnHJciw7neqTmG0YJuAHfeuL4BPiNvTXgfKJAuqFsSu9XV1Vd5BwagVVaQy8PhTA--evgltjPJQWU2WEprzBtUYX2-y01ixtv1kQOzGI4wIBNOSUoKdVCnP-6W0TPiKhTNa88hZQEJWud07ccvlqGjIaf0vyD84Kc780wrPbBufm1Xdl0SvvYhIuL1UX_7emoHqFmhnqSsCbspBMWV-PqGn3MPX8LJpgRNII5Au017wtvT76_WXfMPQioPc_Ozm6t3uEKHzEbUpw0IaDq_gYnENoPI7uDJFCVY-aR0fM2KRPRhdGPcK5VVnuY_lEpV0NA_7WgUq8_S4sLZEAM-33F7gZVUbybgyLxuuLKNvdprSwb6J3-rjI_ZeiDrWxoqp2dl7rRg2_qhZiMkv3TAdto7FPHHRkjh2Y1golV0aZsh2ZpyhNvlL7dUnOaM-VVbrFfiEnS1DrSPt0rCGAuo9P7r-Xa_lPdUT4ZpNgM9BkWK03OyLVr6bTm-anJxYrmp6niLqP-z7D-DVeVAUK-Sg0a_tec6Q495Tyl_v1NkA4EqYdtexs47EahS6K_PWrs4tOa8SaruYHfUlFRW-gXQm56Zd92UDd9VZZOq-x8UAZC6PzBcf_SJMVYv9T-zYVWSGEKhUcTDvMPA8aOh4OoXQEUd9AxoC0ggKrXdrI47_QLqW5KIxbl-vBbdLd7CC-iPjHFdKD4cm3mEvF0MgGKwa2XGjBbyEX-nK-f0zl39E-WvTcLmkxhN0NNbYw7Gm2-Fk4lHoWNIwvo4pgCPoFcMVtx7XJ6PfYujY6cC2aKvmgnrCq-gdueCkyUTpo8EyjYgKSifInkG5pVcGpP3eq7mDcXzPQENI-9W9WDESeLpDTAwFycfrUJIi0bneFS-JFiIYtvFBewqILNu7wxIp9aSqZT6PCbHU1QwXh-V64vp8kXwBVI_ZCs7CTKfsiv8Ro-LR8fep5Cxe6s2yuIcR3zLwY27g2rheA30JIv02OUtNMC_dzEDafa6WgvdEnFCB1n8taznyMRafR_jENebW9KnSFOs7s4eL9GpJxtfYUATQyUrJFpAUc2fbzBCsWXFcM5SfD4T7KD8PRKVg4SBXeLjLOzPhPEDZmfQweMu3iyaV8F5WodlkhxrwLwNTnGGUVhzTvdlJjjmahyBNJ0kS7nufJNFJCRh99GCqy0mm4FFdmTwhKZ_ZW6gQAHolEKs3ls-OZREEs-8RBX4PO6vzcTfGbzxIorK2O4XrZPIbJP6A2YScktHo4Q5aXJ1gsRVXZyPwbkc8B4TFeZ6UC1W-i8ZwYYr2UnQRjLfYOZVXJYfwxqE4M3lIRUGt-3xtXmWTLRcdyXb4u8x9yrOI6nRtE-kY2EM6E9jwiUs_hz_5W2duXCLeu85_hrhFaozhA7ECuTdV4fM0q5do0FmBTcfPGFBc7nVf9aXA8bfuHiG6cllNg-_R7N4Y8cujE4omU7wC-JarF8bgFfSQ6WEh1aRzYsaLJMiPLJnbYf6UmS5Q7BwuV_Moj-7MZEpajKXCsHj-77tYCQj_yo9tbWQd890KpWcR5QxZA&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 29 Sep 2022 21:38:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9B07 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfDs8m1DMx9q0QkzS-NlAEl1MHfiK0_16djOLIdNVoXvbRQgyjkHrQYZ7WN4wgavYy2FliaiYx8OKbM-hupCILtB-h0A&cry=1&dbm_d=AKAmf-BizZG36aEvJ0fJrax8nXRLfxULv8Y3ygWs89XGFVCDpWxTtYHBTSbs8x8g5yE3duBqGaBrd-6dgAOxHfsiwDlBYx1EkBHC-rXRAj1wvAW-3DLlZvLw9xeDAL9ABjKJ46-rFMiQNp7zHuB4a1CU_lxlRx8GBgaW4lI6ZVdZijt-px1YgogP803r67tLP5C-sPdfO5YlrCy4mysF-1uJ2wEqipd6aBaTSjbTm5TvK_9dtZio7Ca79GC2Ph05TDDgWBMSY3jOhFQzeeZq5EUONHrFfPa0NO7bo_1lImP0D36ClCcdohGX7fr9Rk9aWzu6ZcGD3ZzU20aVz_xaNOK5QPmlCVpISyhL60TPabgYHtk6gXtjZmIBLxj3fwtXyuD0RrXygdUcVIUm-ISkrKG54aK5SCcYn8dtk09kFnu5R3Iiz7VV2Buh9-koghM5lQMA6kNEmoMkwk_-LG_1_fUV79AaAtMx7ISZlMCnuqxStHC6efEi7KUXAwCmK77hgH3WQQlbVuqWV-I_QHPaTve3qod_K3hnB_kmAlbWjlwLLbTwkXPkTnEOD5En-fr75I1axs6GNub_1e5QwFyQHyfOL06PhhHvWO7Jt7Wv3s8Ko3_4M-vbHr2dt52cH96VQTRCWqZRLfpbOXNF7yafcROXBngVf29CZZfYxDY_jXPCbGH4gZ_PrMjpi3t3nBDY1-Qo4Xf1omSzhOpWUlVk_QTmgGpEa2zvogYKLfmh9vU6KsD-UYxs6nswcIovtK4SQWlMcfrN4Rss_ZZ3yDSIUrUxmlZQEIpHFxQurXZy7G3ryWRSln3X-cufKTJ_7XVq_FOJ32dU-fqWilBMFl7wsZdQtKOvK2L5YgeQFRkIISFLi88XLVVqbeZkER5sYoUsNbkoRAY5bVzUsGeMH-yxPRBkxV9kiMF9DYOe3gD_qy9eSRGxrC_pukDl3Tx9QbXjKIjRhz-gCuCUI88qbTmHI8xp3SqorDUFV7mdZd2Ez3KU5C08lEVi5pu-q48DXiP3oSlz8qCygik-q-Z1g54odcw8_dE8xfkDS3vAIKWwou6nfcmACLCYHxKgrP0EEFNHkhoJK7_OuN1Oi_QOnKo-4asmjwaiGUtgRrl0QVXBG7mYl644-9rNMBW5ATcrU8z_TzqSnV2wTxyNpSVGiuUbdpyYsyiOM2pymFz-9GpKWIN39REFI9oHHxnB0jWX8wWFM0shEBi_T5Qv-O0-ZUZFkNEuIXDLyuY9pNbh5FhTVuC-2UBpZyVu2TrLLw5sQz6CZoqdq-W212VhYjqTmqSeHZcvZZAWAVBa8vBctjOASCCD6xv31sOwdUirhmuqd6M2k7we0G8vZ1ZggK0hBSN6OaWdKty6-JQl_WuJTfWcMauUqpdnU_IlDmKykSNOPWgi_lkorlkl0CL__eY3kkwm1rSNsJcGPe95gnheGJfWp3dpiuScZE9mQe67SZ3MZWdXnLFoGwzduGLqC0F8i1e0I5EgHDTrffjV9xXp2hN-E6z18wHfOg1y218aqwJm4i4eCs7au3PvYTHVU4_YJlxc88eDY8CwbcnB0aZX-XFS_MPGdwxWuO5Hm8ZyIn1UZVEa65B6dJqZeDXgRUmBed1bSFoPh5NqvDPWnHJciw7neqTmG0YJuAHfeuL4BPiNvTXgfKJAuqFsSu9XV1Vd5BwagVVaQy8PhTA--evgltjPJQWU2WEprzBtUYX2-y01ixtv1kQOzGI4wIBNOSUoKdVCnP-6W0TPiKhTNa88hZQEJWud07ccvlqGjIaf0vyD84Kc780wrPbBufm1Xdl0SvvYhIuL1UX_7emoHqFmhnqSsCbspBMWV-PqGn3MPX8LJpgRNII5Au017wtvT76_WXfMPQioPc_Ozm6t3uEKHzEbUpw0IaDq_gYnENoPI7uDJFCVY-aR0fM2KRPRhdGPcK5VVnuY_lEpV0NA_7WgUq8_S4sLZEAM-33F7gZVUbybgyLxuuLKNvdprSwb6J3-rjI_ZeiDrWxoqp2dl7rRg2_qhZiMkv3TAdto7FPHHRkjh2Y1golV0aZsh2ZpyhNvlL7dUnOaM-VVbrFfiEnS1DrSPt0rCGAuo9P7r-Xa_lPdUT4ZpNgM9BkWK03OyLVr6bTm-anJxYrmp6niLqP-z7D-DVeVAUK-Sg0a_tec6Q495Tyl_v1NkA4EqYdtexs47EahS6K_PWrs4tOa8SaruYHfUlFRW-gXQm56Zd92UDd9VZZOq-x8UAZC6PzBcf_SJMVYv9T-zYVWSGEKhUcTDvMPA8aOh4OoXQEUd9AxoC0ggKrXdrI47_QLqW5KIxbl-vBbdLd7CC-iPjHFdKD4cm3mEvF0MgGKwa2XGjBbyEX-nK-f0zl39E-WvTcLmkxhN0NNbYw7Gm2-Fk4lHoWNIwvo4pgCPoFcMVtx7XJ6PfYujY6cC2aKvmgnrCq-gdueCkyUTpo8EyjYgKSifInkG5pVcGpP3eq7mDcXzPQENI-9W9WDESeLpDTAwFycfrUJIi0bneFS-JFiIYtvFBewqILNu7wxIp9aSqZT6PCbHU1QwXh-V64vp8kXwBVI_ZCs7CTKfsiv8Ro-LR8fep5Cxe6s2yuIcR3zLwY27g2rheA30JIv02OUtNMC_dzEDafa6WgvdEnFCB1n8taznyMRafR_jENebW9KnSFOs7s4eL9GpJxtfYUATQyUrJFpAUc2fbzBCsWXFcM5SfD4T7KD8PRKVg4SBXeLjLOzPhPEDZmfQweMu3iyaV8F5WodlkhxrwLwNTnGGUVhzTvdlJjjmahyBNJ0kS7nufJNFJCRh99GCqy0mm4FFdmTwhKZ_ZW6gQAHolEKs3ls-OZREEs-8RBX4PO6vzcTfGbzxIorK2O4XrZPIbJP6A2YScktHo4Q5aXJ1gsRVXZyPwbkc8B4TFeZ6UC1W-i8ZwYYr2UnQRjLfYOZVXJYfwxqE4M3lIRUGt-3xtXmWTLRcdyXb4u8x9yrOI6nRtE-kY2EM6E9jwiUs_hz_5W2duXCLeu85_hrhFaozhA7ECuTdV4fM0q5do0FmBTcfPGFBc7nVf9aXA8bfuHiG6cllNg-_R7N4Y8cujE4omU7wC-JarF8bgFfSQ6WEh1aRzYsaLJMiPLJnbYf6UmS5Q7BwuV_Moj-7MZEpajKXCsHj-77tYCQj_yo9tbWQd890KpWcR5QxZA&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Sep 2023 12:36:52 GMT
9897076750151338913
s0.2mdn.net/simgad/ Frame 9B07 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9897076750151338913
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
c263627f113003299208aa650333d2df61ddcd87bfd74368f6469569bb35d9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 21:53:29 GMT
x-content-type-options
nosniff
age
171873
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19691
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 08:41:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 21:53:29 GMT
img;adv=11227250725080;ec=11227250727974;adv.a=5924564;c.a=27546839;s.a=3252202;p.a=333049277;a.a=524935766;cache=2074553155;
ad.atdmt.com/i/ Frame 9B07 		0
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=731933168054561&bg=!aWqlai7NAAYIxsuQKMY7ACkAdvg8WvaHaBF6e0GOaByYtLr8VFrcEGQRreEb2O-HIVc9ElD4gC8_rwIAAABYUgAAAAJoAQcKAFfi-zp6QHwHl-kF7eU5UjWFD-Pr0vEsZGZULpfiEXo3tuqPkLS5ScV_AhuVN-dLI0LvBX5Hvs9IBn_wM29oTwptiXPwyTnLZNWHKMBjunvc8VrOtcx_IWyZAqGn-gB4H288WyOiydeS6tDMzew0Zf7dxlSB_QQ4PMeEko81FTjVCH7-d9GgBztUB6HM2bwe8j6AySR6A1wTqDPE-SwGDZUNwR0bbEa1Ae1rX-25hbWWO0Ae-TPGvGDQYk9uxEVCBtnsPtg4NQZTBFQzRKGP3PeHgPBfQ64JzJukz5flRhCTSChu0_QjXKjgtRIbJiakZaD8EnLVFx2G0Pki2mhWNblEtQUsAUfinJK9pajtfEqcDyWUAwKB7SBZXez_M6PZ-wmvbji0y3gXuoPY8uDWwkCGmMAs4ovpYBqYlKCuWfXqyAD7BJOsiMaJaZdL-pBjnxMs0pa_dlDTStXDac-1ETfm8csOnkq_13-CmxWX3h8G2ke2MaNmXXQGNRq5VZ1VazJl9eYha7FKTmxzVns4Odj_sofcX0tvsTS-uvOSd6tOO3K-Mjh3EfR-qZHL1Wzlpv5LrYy_GRqXN7iL1Pk0mPzukD6pZAm5ZZts4yZimm0bc7BCRpTd8PON7SPzJzmgfYA0qKeCbm7kfu2IL-ZoG2ko0uZ6W912Cm3fP0KWMNAr6QzlP4LhrCDW1LJ0eqffqYuqnoSKp0igSnJJRE4HeinKQn0vOospAonsLLNvXqiniSNzEGLp9JB1Z10Partkv15F3rfr41asuRb5pa8rs0ClxoHz-T8ltl-HYf_IOKVlhlkKpelYdu_AuYmYAeOf0vqKjFf4rWQ6x_u-cT1oAk-TrOoSgLm__Juh2SUT2wON2_LtmTVx4hP-sROZNkcKFT_9iSJxCZPdQK7ovOmx5XEhQ5TD8Pr3OUNtm-CN-N1N57psYc9LmVj9aEh5-53ob0TogtyqM2v84ncRwEuGizEueb8IWJP0Z8_xcnzE5EudU_LVdId8_Fv-RHCj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA4E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Sep 2023 12:36:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B377 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
56170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Fri, 30 Sep 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CA4E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a3324b9281bf50b9a4e59319915def6569280b8ab9c86dcf9e6b177e1cf8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8F5D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
475269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 09:36:53 GMT
expires
Sun, 24 Sep 2023 09:36:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F04 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
56170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Fri, 30 Sep 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9B07 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
284b1add8ad16217b2da47594ce84375fc02575daf67009d6128ff6c0d864ff5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 66CA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
475269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 09:36:53 GMT
expires
Sun, 24 Sep 2023 09:36:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame B377
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNU...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee7...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNUJAfmFW3PLFPt6jzAJMiGEm14-geuQ-iWlZpW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNUJAfmFW3PLFPt6jzAJMiGEm14-geuQ-iWlZpWK1Tsk_jH0MOP9n0G3fE2NW1I_ENlUU&google_hm=skwh2ByUSGKlAwwNwMFemg==
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg94mYF5BsfiQwguX3sIp4-NRzrLmSVfO55lkKsJ75GObsVMRsPl6-qywVOa4HGH8L_LG1JzHvo_Ee73aikNUJAfmFW3PLFPt6jzAJMiGEm14-geuQ-iWlZpWK1Tsk_jH0MOP9n0G3fE2NW1I_ENlUU&google_hm=skwh2ByUSGKlAwwNwMFemg==
Date
Thu, 29 Sep 2022 21:38:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B377
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs_D...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIzODM2NTUwMzU2ODAyMDE4OQ&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIzODM2NTUwMzU2ODAyMDE4OQ&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs_DZctJPXglCs5fJvw9yUaKeU0B9bL6svKGnwFlCwTVL8W3Cfozihq6XeqnQzKdFuS4h8wtC9wNHPc
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIzODM2NTUwMzU2ODAyMDE4OQ&google_push=AZmPxg9HaIJmQC7EQQWHBBrRmn6NucE4OmfXcoycgvaSXRx721u6vGPlI-FIuMEJSlndgvh4cXJfcs_DZctJPXglCs5fJvw9yUaKeU0B9bL6svKGnwFlCwTVL8W3Cfozihq6XeqnQzKdFuS4h8wtC9wNHPc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B377
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE-LhtYaTKqVV_bgPjhLL5E&google_cver=1&google_push=AZmPxg-VGa2JNJFtl5Pq9u_MYJe7-5_yvp6qWj7CYGjYJ9PCpy-AvA3CzvWwGNy_pO2vbO2QIUCTrcNIPwzyrdC...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ap3zJ-U_T9tKze5X5km0EWfR_hE&google_push=AZmPxg-VGa2JNJFtl5Pq9u_MYJe7-5_yvp6qWj7CYGjYJ9PCpy-AvA3CzvWwGNy_pO2vbO2QIUCTrcNIPwzyrd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ap3zJ-U_T9tKze5X5km0EWfR_hE&google_push=AZmPxg-VGa2JNJFtl5Pq9u_MYJe7-5_yvp6qWj7CYGjYJ9PCpy-AvA3CzvWwGNy_pO2vbO2QIUCTrcNIPwzyrdC8zGIYvUKScGFmqrHyHfW9CjNtFXurOrYOUizXqJCgzL9Lvx3h6LFcZT3sA-GgzmzYWDM
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ap3zJ-U_T9tKze5X5km0EWfR_hE&google_push=AZmPxg-VGa2JNJFtl5Pq9u_MYJe7-5_yvp6qWj7CYGjYJ9PCpy-AvA3CzvWwGNy_pO2vbO2QIUCTrcNIPwzyrdC8zGIYvUKScGFmqrHyHfW9CjNtFXurOrYOUizXqJCgzL9Lvx3h6LFcZT3sA-GgzmzYWDM
Date
Thu, 29 Sep 2022 21:38:03 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame B377
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ02JMuz9roZUC8jSA3xhY4&google_cver=1&google_push=AZmPxg8v2n5Wf-jXw0WLMp3CVJ0BJEm842jC5laM5NZKpojaIF2zXmndgtm01iIJ2HcgPccbg-gJQ_MzMyCs55zC0G...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc0MDk1NzI5MzA2MzU1NzE1NTM&google_push=AZmPxg8v2n5Wf-jXw0WLMp3CVJ0BJEm842jC5laM5NZKpojaIF2zXmndgtm01iIJ2HcgPccbg-gJQ_MzMyCs55zC0Ggu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc0MDk1NzI5MzA2MzU1NzE1NTM&google_push=AZmPxg8v2n5Wf-jXw0WLMp3CVJ0BJEm842jC5laM5NZKpojaIF2zXmndgtm01iIJ2HcgPccbg-gJQ_MzMyCs55zC0GguSt8Oar-yaRr5EnR-XDE4YBt4x9BGafqv5Y4YO5JG1DBfZSCiR_hzPKaHrZTkVA
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc0MDk1NzI5MzA2MzU1NzE1NTM&google_push=AZmPxg8v2n5Wf-jXw0WLMp3CVJ0BJEm842jC5laM5NZKpojaIF2zXmndgtm01iIJ2HcgPccbg-gJQ_MzMyCs55zC0GguSt8Oar-yaRr5EnR-XDE4YBt4x9BGafqv5Y4YO5JG1DBfZSCiR_hzPKaHrZTkVA
Date
Thu, 29 Sep 2022 21:38:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B377
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKmIzxc8i2CwT-T4HAzH0H4&google_cver=1&google_push=AZmPxg-So-8vTJfUhWMBj0--HI54nfDgQzjnWlNYLCeyhIPAXBbVlEMS-63yXzzHrEZaE3CJs6Fuu-89e_lJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svZNUMo_lm-bFRLiY-oRi9gKuhSik-eQ&google_push=AZmPxg-So-8vTJfUhWMBj0--HI54nfDgQzjnWlNYLCeyhIPAXBbVlEMS-63yXzzHrEZaE3CJs6Fuu-89e_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svZNUMo_lm-bFRLiY-oRi9gKuhSik-eQ&google_push=AZmPxg-So-8vTJfUhWMBj0--HI54nfDgQzjnWlNYLCeyhIPAXBbVlEMS-63yXzzHrEZaE3CJs6Fuu-89e_lJMH-3jMorVmn8_wrl7QbbpIME2K97xOT1BUibhT22AW2lqJ_DtdffripPqWbfHMDaZTOEA88
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svZNUMo_lm-bFRLiY-oRi9gKuhSik-eQ&google_push=AZmPxg-So-8vTJfUhWMBj0--HI54nfDgQzjnWlNYLCeyhIPAXBbVlEMS-63yXzzHrEZaE3CJs6Fuu-89e_lJMH-3jMorVmn8_wrl7QbbpIME2K97xOT1BUibhT22AW2lqJ_DtdffripPqWbfHMDaZTOEA88
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame B377
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEChkNonPl93JqRWhjJc2VMc&google_cver=1&google_push=AZmPxg9_kZ-myah_LteT5Ph8jPiggBAnEdX_md5mNoqYdSUiVT2XXmyV9gku7fNu7cgY5_iDpg4ExgIBJDssTi4...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9_kZ-myah_LteT5Ph8jPiggBAnEdX_md5mNoqYdSUiVT2XXmyV9gku7fNu7cgY5_iDpg4ExgIBJDssTi4auZG_J9_Ys3ZK_tndQqRFgcdx6JAXEMt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9_kZ-myah_LteT5Ph8jPiggBAnEdX_md5mNoqYdSUiVT2XXmyV9gku7fNu7cgY5_iDpg4ExgIBJDssTi4auZG_J9_Ys3ZK_tndQqRFgcdx6JAXEMtpN2SVUAizesjatHyvsTrRIXb6PkarHzbSSSU&google_hm=ZTdmMGIwZDYtOGQyNi0zZmVjLTgxMzQtODU2NzEwNzYzNjli
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9_kZ-myah_LteT5Ph8jPiggBAnEdX_md5mNoqYdSUiVT2XXmyV9gku7fNu7cgY5_iDpg4ExgIBJDssTi4auZG_J9_Ys3ZK_tndQqRFgcdx6JAXEMtpN2SVUAizesjatHyvsTrRIXb6PkarHzbSSSU&google_hm=ZTdmMGIwZDYtOGQyNi0zZmVjLTgxMzQtODU2NzEwNzYzNjli
date
Thu, 29 Sep 2022 21:38:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
1.gif
id5-sync.com/c/495/0/0/ Frame B377
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEBBpbQ9hujMXHfEsk_KD1Jc&google_cver=1&google_push=AZmPxg8PevrAJTCtpJYBFzyDsQFUPzOLNdr9JvJZlt2crPo-6LO5CyeK_MOBjQWViRnrMA9zKyxn4FVuu969Q98lcn8ZWgGhF3HvBCQ7...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg8PevrAJTCtpJYBFzyDsQFUPzOLNdr9JvJZlt2crPo-...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
0
0
attr
cm.g.doubleclick.net/pixel/ Frame B377 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ir34osAEijrpF84HhDGZlZyg5F5Koui0y4QywFVJnhRV6UGtWMYh5sUyM2-vlLSdoM6fcGCXk
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 8F5D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
pixel
cm.g.doubleclick.net/ Frame 5F04
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHFLk0db-ZNbFyItZSwBiFc&google_cver=1&google_push=AZmPxg-J_eY3tQQI_r9W5gWRCRYhvkzYmnOpXZP5bhBGmDY_d8XTk7C5iUKuHSqAMLR4RWjh_XK32Eyt9910VtBD3h...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHFLk0db-ZNbFyItZSwBiFc&google_cver=1&google_push=AZmPxg-J_eY3tQQI_r9W5gWRCRYhvkzYmnOpXZP5bhBGmDY_d8XTk7C5iUKuHSqAMLR4RWjh_XK32Eyt9910VtBD3h...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MmVjMTlhNTctNWUwYi00YTllLWEyM2QtNWQwODE0YzQ1NWUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MmVjMTlhNTctNWUwYi00YTllLWEyM2QtNWQwODE0YzQ1NWUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MmVjMTlhNTctNWUwYi00YTllLWEyM2QtNWQwODE0YzQ1NWUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
sync
gdn.socdm.com/rtb/ Frame 5F04
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1&google_push=AZmPxg960fprqwOHxe_Uil6mj4aB0sYUwDfXkLB5_tIYlgN7AmHI2I_Mrb_K4NGSD31y0...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXpZUU9zQ284WVFBQUVsVHZ5NEFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1
43 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1
Protocol
HTTP/1.1
Server
124.146.153.150 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:38:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1","cluster_id":61,"gdpr":false,"ipv4":"103.209.254.17","key":"YzYQOsCo8YQAAElTvy4AAAAA","privacy_sensitive":false,"uid":"YzYQOsCo8YQAAElTvy4AAAAA","upstream_id":"a-ad40089"}
X-SO-Key
YzYQOsCo8YQAAElTvy4AAAAA
X-SO-Upstream-ID
a-ad40089
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40089.dc2p.scaleout.jp
X-SO-UID
YzYQOsCo8YQAAElTvy4AAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
103.209.254.17
X-SO-Cluster-ID
61
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-ng15.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDG5vtWY22wYS1CzdMNcBpA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 5F04
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg-nFxP9wkdXRzDPY85ukccBWqscmaQMPJCeP4-ulHtfllf_Lj_pTLcUykmPRBvZtWgXvwvds7bpA6ZZ3Iux9SFi...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHwPVaoheassV8JRxTsmdSI&google_cver=1&google_push=AZmPxg-nFxP9wkdXRzDPY85ukccBWqscmaQMPJCeP4-ulHtfllf_Lj_pTLcUykmPRBvZtWgXvwvds7bpA6ZZ3I...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b24c21d8-1c94-4862-a503-0c0dc0c15e9a&ssp=google&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525897493458701898&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525897493458701898&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
0
0
asr
aid.send.microad.jp/g/ Frame 5F04 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEFftXjtnMKpq5FN-jiTG7cw&google_cver=1&google_push=AZmPxg_g0wjifv1Ivp7_m1nuM1XTBiTB_nhtjkMh96u2hFyKSz3oTV47EqDcIXqbnCt_LJf_n3qqLgnQP5AkZXpvbMSbhE94gFIK6AQUX7s83MlDBcV3zr70XtX_XrHtoAlGKC1KnCWJ0zhTmMZtuKSib3s
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.233.84.1 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:38:02 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 5F04
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2juM...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDBq-AOLIiWp3Yy0zHd-uSk&google_cver=1&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5NzMzNTQwMTA4Njk3MzQ4OQ&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5NzMzNTQwMTA4Njk3MzQ4OQ&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2juM_wMUEh35-CIms8sjnfyKpM3eUCSItwciN12D8jJh0S3rvNHaoRJ5oLemToPbhKSAM9hLGI_omOY
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5NzMzNTQwMTA4Njk3MzQ4OQ&google_push=AZmPxg-F75g0gajtUB7_eEHTwwPejiujip42VTqgrVVUcBLXZFgW0nWn729mP46cE6U6DV-C2eQa2juM_wMUEh35-CIms8sjnfyKpM3eUCSItwciN12D8jJh0S3rvNHaoRJ5oLemToPbhKSAM9hLGI_omOY
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5F04
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESELIu0_aNP8bD57GnjJgDWpU&google_cver=1&google_push=AZmPxg-ruWFqGbsz8ujus816t7QFafdpz_uFznIMUF_K70T46_ib0WckJ1gj4nkaESVdTdzxj8ffk-nF2Ar5Tf9KTRjFl9eS_qIj_...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-ruWFqGbsz8ujus816t7QFafdpz_uFznIMUF_K70T46_ib0WckJ1gj4nkaESVdTdzxj8ffk-nF2Ar5Tf9KTRjFl9eS_qIj_Zq_ncQliZ_0UUicnW6EAvzbgyvCiDe5Sm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-ruWFqGbsz8ujus816t7QFafdpz_uFznIMUF_K70T46_ib0WckJ1gj4nkaESVdTdzxj8ffk-nF2Ar5Tf9KTRjFl9eS_qIj_Zq_ncQliZ_0UUicnW6EAvzbgyvCiDe5SmNuLY3Ln15d55JOeGQk22c&google_hm=svzCLR3qy-oSi-7LQOu_2g==
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-ruWFqGbsz8ujus816t7QFafdpz_uFznIMUF_K70T46_ib0WckJ1gj4nkaESVdTdzxj8ffk-nF2Ar5Tf9KTRjFl9eS_qIj_Zq_ncQliZ_0UUicnW6EAvzbgyvCiDe5SmNuLY3Ln15d55JOeGQk22c&google_hm=svzCLR3qy-oSi-7LQOu_2g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
9d5ji632c5s6ra6j21pn09mtsnkcel3j
pixel
cm.g.doubleclick.net/ Frame 5F04
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEXIIfrnF4uw_SmcWofdoeM&google_cver=1&google_push=AZmPxg-7wrSE_ltDxQEoSZmlE8loj6BEdYaaWRHd77qnMwunEkGkVNm7LDq1EQpSAkeRuu5CNkoe0yXwA8dwl-6Pv...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmZmNzNkY2QtMThmMy00ZDk2LWIyMjctMjhhZWFjYzdjNDgx&google_push=AZmPxg-7wrSE_ltDxQEoSZmlE8loj6BEdYaaWRHd77qnMwunEkGkVNm7LDq1EQpS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmZmNzNkY2QtMThmMy00ZDk2LWIyMjctMjhhZWFjYzdjNDgx&google_push=AZmPxg-7wrSE_ltDxQEoSZmlE8loj6BEdYaaWRHd77qnMwunEkGkVNm7LDq1EQpSAkeRuu5CNkoe0yXwA8dwl-6PvrVCkQVRbhUl8r8JJ-VYnn_lIEeHGycl0ARw2SDwi_ly0kL6W1fDAbNeylZYnf5x5Tk0
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmZmNzNkY2QtMThmMy00ZDk2LWIyMjctMjhhZWFjYzdjNDgx&google_push=AZmPxg-7wrSE_ltDxQEoSZmlE8loj6BEdYaaWRHd77qnMwunEkGkVNm7LDq1EQpSAkeRuu5CNkoe0yXwA8dwl-6PvrVCkQVRbhUl8r8JJ-VYnn_lIEeHGycl0ARw2SDwi_ly0kL6W1fDAbNeylZYnf5x5Tk0
date
Thu, 29 Sep 2022 21:38:02 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5F04 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSwJccnwBg_x_HxTQs_9OPpFIZyQCjHyBdEQW2DLzRuKxj0JOR20oSz1vxCPxmVH0mf0KlfQ
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 9B07 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5FKVF-eFauf6UfwDM9vdKTkLfEO5dUuMCUyycwIgOVOqrB-WA9T1Y63aTbipR78aTFdjqkDkS1IRyrHf4D2Dd4BpWgWDRbxc13A2SNAr0TT2ZKFmJ4r1w4Odt0ueDwgnig57mhg6CVfOzl8Q0_QEr9d1n4eRf-YDSIA7ywNKr0XMuI6qw_UjYnAYgRTYsX0wBcbvU41ilEy9z99gSYjv-IU1R-bsI3WplMqag0eTkdSACkglOPrz0sGDXjeHbZSfvBlgJJBgrwzVTVyZLHxGbMFqWFZdDN6WDXooBPWN5y2ZkUyqsnAEcpie6lIxU_AacBL7e7cpNyXiffesdYWaO_5m0Uw5cdsOWgNl89XqlIBvnc4LSLynHVlkYgLbnDWy5bFEEDs-CtELacuRtT2ot54Y403DyFggs4j3k5uKwmogn9EhZN3AOrtdZ6fwo0acPT7cm1sZtX7BET_K4HTs914zgMf-db7kKMbFETjrHLQn9kYgznDrellsQJP-WZsYhbi1He3y4JnK_l3W-PyBT1t4Ew0glghYuTbbh2grc91hsa8KnPAu9Yqr3beO1irRNgRcxduKCxyAMYG365jjgrZ1FaYgxnpfi6hB91LKabUkjgElgV8aWJ98s6yHEQ_uDWc6uqkqFFB_RcejUHEqRi7pKaVre0mBJck3EwOMWDAk772ZJk2DrJyfHzx6_MHXAgJOX0S4pqhQQdOYkXRnYmvO8SMuhcA_ynMbPfJnHnaMRIvLE2wo2CWOm-OP-REhs6h7cycovtgYBYG7vrj50AmOwPEMjtEtcjSTNcSMYbDJgFgG38kz-vI7tRtQTOvwDsbZFJ3S5q1kGNThABGHBHzAt3mVzpSG-Y_kwkt3Jx0c0xUIP0j6BT6T9UYlA0TqAGiGICZRY3Z7rfzqVYWxGBZEv7r_9JFAwyYhQ-dyv8R79GjaYG6Zh9jKUwxGbFAMZiAOb8rAu_pvauWNQR7oPvZ6lIZS5ulGjzwRejgjoL3y9RAfAR3INa4dSsvizGd_4x2tmuU_ld2FAd1Jv_rjuldaQRXawYL81geXET9PwUTgQdBCGurEG80koY-ZpgNsKgRUjnrhVZMOM_ggbT-3vJ9odjneAjiqZ3QDmkW4MOHcl2SBRWmUoch3_HKRJ7H1KbEMIUvVZ1gKFfFRI2ls6pI_6cznfYwNKChJ7HpIv17O6L63vbPTKgtGL66eE8NEz9xxP9vW9NsTiW4gUnCOGIeAh_8rTnRb2ePdgFw&sai=AMfl-YSxnuPFEglXbbm3Bfy3KOg6dwaNsRnfXZMQfIyBtR0P1oSCk6fukFlbzAB2dwqjRYGqfU58Itr6RGVMusM2L9S0RyOqStFDt0aDb3QCJ9cbpFaATfI76DNrs2Gb7LMbSVKlS1Y0OUkIbWQDg6ovh5SSp_647tZpxOXOO9BkT8ATFEHby3D0IO92b689J2HKi0CgfTlczUwA7V-MBzJYY6dR&sig=Cg0ArKJSzAEqODokyO0oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=504&vt=11&dtpt=503&dett=2&cstd=0&cisv=r20220927.98927&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfDs8m1DMx9q0QkzS-NlAEl1MHfiK0_16djOLIdNVoXvbRQgyjkHrQYZ7WN4wgavYy2FliaiYx8OKbM-hupCILtB-h0A&cry=1&dbm_d=AKAmf-BizZG36aEvJ0fJrax8nXRLfxULv8Y3ygWs89XGFVCDpWxTtYHBTSbs8x8g5yE3duBqGaBrd-6dgAOxHfsiwDlBYx1EkBHC-rXRAj1wvAW-3DLlZvLw9xeDAL9ABjKJ46-rFMiQNp7zHuB4a1CU_lxlRx8GBgaW4lI6ZVdZijt-px1YgogP803r67tLP5C-sPdfO5YlrCy4mysF-1uJ2wEqipd6aBaTSjbTm5TvK_9dtZio7Ca79GC2Ph05TDDgWBMSY3jOhFQzeeZq5EUONHrFfPa0NO7bo_1lImP0D36ClCcdohGX7fr9Rk9aWzu6ZcGD3ZzU20aVz_xaNOK5QPmlCVpISyhL60TPabgYHtk6gXtjZmIBLxj3fwtXyuD0RrXygdUcVIUm-ISkrKG54aK5SCcYn8dtk09kFnu5R3Iiz7VV2Buh9-koghM5lQMA6kNEmoMkwk_-LG_1_fUV79AaAtMx7ISZlMCnuqxStHC6efEi7KUXAwCmK77hgH3WQQlbVuqWV-I_QHPaTve3qod_K3hnB_kmAlbWjlwLLbTwkXPkTnEOD5En-fr75I1axs6GNub_1e5QwFyQHyfOL06PhhHvWO7Jt7Wv3s8Ko3_4M-vbHr2dt52cH96VQTRCWqZRLfpbOXNF7yafcROXBngVf29CZZfYxDY_jXPCbGH4gZ_PrMjpi3t3nBDY1-Qo4Xf1omSzhOpWUlVk_QTmgGpEa2zvogYKLfmh9vU6KsD-UYxs6nswcIovtK4SQWlMcfrN4Rss_ZZ3yDSIUrUxmlZQEIpHFxQurXZy7G3ryWRSln3X-cufKTJ_7XVq_FOJ32dU-fqWilBMFl7wsZdQtKOvK2L5YgeQFRkIISFLi88XLVVqbeZkER5sYoUsNbkoRAY5bVzUsGeMH-yxPRBkxV9kiMF9DYOe3gD_qy9eSRGxrC_pukDl3Tx9QbXjKIjRhz-gCuCUI88qbTmHI8xp3SqorDUFV7mdZd2Ez3KU5C08lEVi5pu-q48DXiP3oSlz8qCygik-q-Z1g54odcw8_dE8xfkDS3vAIKWwou6nfcmACLCYHxKgrP0EEFNHkhoJK7_OuN1Oi_QOnKo-4asmjwaiGUtgRrl0QVXBG7mYl644-9rNMBW5ATcrU8z_TzqSnV2wTxyNpSVGiuUbdpyYsyiOM2pymFz-9GpKWIN39REFI9oHHxnB0jWX8wWFM0shEBi_T5Qv-O0-ZUZFkNEuIXDLyuY9pNbh5FhTVuC-2UBpZyVu2TrLLw5sQz6CZoqdq-W212VhYjqTmqSeHZcvZZAWAVBa8vBctjOASCCD6xv31sOwdUirhmuqd6M2k7we0G8vZ1ZggK0hBSN6OaWdKty6-JQl_WuJTfWcMauUqpdnU_IlDmKykSNOPWgi_lkorlkl0CL__eY3kkwm1rSNsJcGPe95gnheGJfWp3dpiuScZE9mQe67SZ3MZWdXnLFoGwzduGLqC0F8i1e0I5EgHDTrffjV9xXp2hN-E6z18wHfOg1y218aqwJm4i4eCs7au3PvYTHVU4_YJlxc88eDY8CwbcnB0aZX-XFS_MPGdwxWuO5Hm8ZyIn1UZVEa65B6dJqZeDXgRUmBed1bSFoPh5NqvDPWnHJciw7neqTmG0YJuAHfeuL4BPiNvTXgfKJAuqFsSu9XV1Vd5BwagVVaQy8PhTA--evgltjPJQWU2WEprzBtUYX2-y01ixtv1kQOzGI4wIBNOSUoKdVCnP-6W0TPiKhTNa88hZQEJWud07ccvlqGjIaf0vyD84Kc780wrPbBufm1Xdl0SvvYhIuL1UX_7emoHqFmhnqSsCbspBMWV-PqGn3MPX8LJpgRNII5Au017wtvT76_WXfMPQioPc_Ozm6t3uEKHzEbUpw0IaDq_gYnENoPI7uDJFCVY-aR0fM2KRPRhdGPcK5VVnuY_lEpV0NA_7WgUq8_S4sLZEAM-33F7gZVUbybgyLxuuLKNvdprSwb6J3-rjI_ZeiDrWxoqp2dl7rRg2_qhZiMkv3TAdto7FPHHRkjh2Y1golV0aZsh2ZpyhNvlL7dUnOaM-VVbrFfiEnS1DrSPt0rCGAuo9P7r-Xa_lPdUT4ZpNgM9BkWK03OyLVr6bTm-anJxYrmp6niLqP-z7D-DVeVAUK-Sg0a_tec6Q495Tyl_v1NkA4EqYdtexs47EahS6K_PWrs4tOa8SaruYHfUlFRW-gXQm56Zd92UDd9VZZOq-x8UAZC6PzBcf_SJMVYv9T-zYVWSGEKhUcTDvMPA8aOh4OoXQEUd9AxoC0ggKrXdrI47_QLqW5KIxbl-vBbdLd7CC-iPjHFdKD4cm3mEvF0MgGKwa2XGjBbyEX-nK-f0zl39E-WvTcLmkxhN0NNbYw7Gm2-Fk4lHoWNIwvo4pgCPoFcMVtx7XJ6PfYujY6cC2aKvmgnrCq-gdueCkyUTpo8EyjYgKSifInkG5pVcGpP3eq7mDcXzPQENI-9W9WDESeLpDTAwFycfrUJIi0bneFS-JFiIYtvFBewqILNu7wxIp9aSqZT6PCbHU1QwXh-V64vp8kXwBVI_ZCs7CTKfsiv8Ro-LR8fep5Cxe6s2yuIcR3zLwY27g2rheA30JIv02OUtNMC_dzEDafa6WgvdEnFCB1n8taznyMRafR_jENebW9KnSFOs7s4eL9GpJxtfYUATQyUrJFpAUc2fbzBCsWXFcM5SfD4T7KD8PRKVg4SBXeLjLOzPhPEDZmfQweMu3iyaV8F5WodlkhxrwLwNTnGGUVhzTvdlJjjmahyBNJ0kS7nufJNFJCRh99GCqy0mm4FFdmTwhKZ_ZW6gQAHolEKs3ls-OZREEs-8RBX4PO6vzcTfGbzxIorK2O4XrZPIbJP6A2YScktHo4Q5aXJ1gsRVXZyPwbkc8B4TFeZ6UC1W-i8ZwYYr2UnQRjLfYOZVXJYfwxqE4M3lIRUGt-3xtXmWTLRcdyXb4u8x9yrOI6nRtE-kY2EM6E9jwiUs_hz_5W2duXCLeu85_hrhFaozhA7ECuTdV4fM0q5do0FmBTcfPGFBc7nVf9aXA8bfuHiG6cllNg-_R7N4Y8cujE4omU7wC-JarF8bgFfSQ6WEh1aRzYsaLJMiPLJnbYf6UmS5Q7BwuV_Moj-7MZEpajKXCsHj-77tYCQj_yo9tbWQd890KpWcR5QxZA&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 66CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 23:46:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA4E 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_WKcnQ9UdqA2sXQ815KS8DQQMElbH_HTgKf1oX0J4ekcDUcUzfSULduMzbmpRwWtQGg7At4znCPq8Uj_C1pHi3eB4re4qSkCMRvBjxnwai8_bfXlAM5jUoV0_7-q9GwlS_qClhPtgTjZyb8Lao3U6_xHDYMcc3ozcVWJbIFuDjZYzWcjHyvZWYGzxIAnjtSuHFTLUMmzU5RiwHKoEYYZ32tmyNnIb2JRKf-PVOJ58-rNhrZ8-qZpjFaOmz11z7bVbsnlGEWFZNOFgycHG9tp-V7Vgkag9u8zXRg0XNoIbwV-lvDJlxCNPr9T3Y0svRF0yP_HKQ1cLfSDz2ST2wgfSFKeQgVEjtFme6lCS7H8eRm0Yr0dSop3_bKHi-Qkb0fiWYaTgQTZ8H3z_NMhSlns6Wc_XDOWlarGHzALgGGey2d6unIIgyHsMbWai4zqlw5MsACbIjfMXFQGQAQlGXPAACIHWiYeZBfkUFHG0r2jq5hU21xREOAFvEeGas_OPN9JTGAK2QLPEFQBFROMM1DayaXiTngscvp4wZ23dPT70ty0Le1W8640n-Qe5cR2DEPO1UCCXyfTlV_2R5k0FnpVDIelh5z_r36z7FFAaokoAAxeUBYrfBZL7Q5Jn4oi7Dj5lQvBygM8v9ttECdre6FT-O_GVZarBLFRbAXMgw9NurNpUWmjkDxoImBwQXMH02L_m6AM9EiOqqAAS5_qr2hyAdMWLCFVlfPENjyZZNFSUIvMIvQ8QYx4TaIIpdHmajh1ZAJMTn7ThqpEZz7q9EBN0wgQZUrwJIG6QroMjVnniFdvPDyKCfTAxoViGsFDACI7nRApqdhOvoqUcmR71rxzYGxxq152GdROX2E6M4Zq22Bh7X0yNE5XjAJKHoitldrLIOa-BVRHgghYNqulPRiggDUNr_yjwt_1scLk9-8r2eXi6yRkNtFYNDJmWOYZF6_dliZ_6kPhr0RWVXuYxtoCc6ufmTpJYPzAhVA_r82FqdNFZFDJLJZ1-wL33JzatMujglUZh8MkAgLA1U-KLNnc4q7VWry0NXFl9igRkTJHznC-Etq_U4LN7pH-46h_2FiNPtbghn6xK4wzia_-Est5_bpZAJ2bU_tVPvCA713U53rP9kKB6BYQYttHKRfw3zC3nYHnfhuDSakJSSrRE_Uf6jVj6Qxj5njelAgYm8SY5bwQJFg&sai=AMfl-YTDIthIaFOXoFnbwHsiHJv9OcLFjv71L30bv_srSQbzZZg_k0-nM8KlWjK3DHuVGBv9hd822X8VZZCkJxDLcsStLl4p1aCN84LX8K9Q9pOxMdHwZg95eGa8wm4RsYj0_7x1w-wQ56HQ4q33zI-OKSPWT6P-MYkbKxXweMNFflFjRz3WfAVV8LJ_9So-GlVLuUo_apBvgdMSiqvld8mDV_Yx&sig=Cg0ArKJSzCxHLFE9wNHNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=666&cbvp=1&cisv=r20220927.72877&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 29 Sep 2022 21:38:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2044084477896642726
s0.2mdn.net/simgad/ Frame CA4E 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2044084477896642726
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
0233e2cbb9b3d99b5d53978de12374d199c907b24a3eab9ab26cf1237ef72264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:32:25 GMT
x-content-type-options
nosniff
age
255937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68264
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 01:41:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Sep 2023 22:32:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F5D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuYk2ORA2Y6P9KpS84t4P7amygAgAAAAAOAHgBAI&bg=!NzSlNHDNAAYIxsuQKMY7ACkAdvg8WltcK5my_RJas0V-euBdYllAZLArwp7sspKvLgeOBhKKFihVigIAAABXUgAAAAJoAQeZAuZTbGE2h5KCjAOAbkT1YJ8Y6s02ts9kzc65o3KLlbCzU_CfNh-LW1kSDbKax3fTKXQxwcXP2U4fIWfchVLChWHXsBSHuAY2GKTbLTRwrcyeo1ho3Wtw4EPCZMGxSFM9kxiuOgGdtgj7Ezb47DNPNORF49jMBiE523ilBd2qGwK7rS4dMgTukYB3lZz7_22vf5kPwsJlHsTQjyEu3rhuPrmp--tSV9o52zdt0603S3385uKOpV1d6Bz90ZaQ6Xn_xPykrL9m9pzrknnI9_HYDnUrzM0i8bH3BvsGP3iIHpvY9ISUatbDrfGBbpSebGp50RrpfNOiyvSXRtvTq4DX4OE89rnoBS5_rlQFfPzotu08Qty7LhYTvaJKFt0WHRdvarHjjafXoizkOiPVvHPBfQ2zpedK0AjJL-UUgK3lux2m8XGFrKlmUEiV9FHYkQlOo-WagAhD7QSkpMrJcEMNRR-BwrR5U9UXymOJvOQtbWnDf7towuiJQt-Vdh-t5HxXi9ZGIp0GfChqcFszvd8b22f18521JnNwfzHqn7EiQ0nvH15wvUWXgH6SZSl-bPfpD1aIt2Esu-HLMzjbJ0bz_ZbDk2R2Jc_WSlSn85hP4XHTf33txNuXgfX9W6yZ-HokzcbuKQmvErfheOe_fS9VTaM0jWRd-4jtIhuIml2zY2Zup8IvSJEVWHWfODYSnhcwqeUEwesqLGGZGvRIZLNrYZ7ZrVovZkAcd6asQMWs-2hSPpy6oTeO2EBJYvTE5P0-LygSGntxFhH3CRZO7khuSmr9tWa8aVdhoBROsL54AXS8tyTHRCxgNZ5V8Db5ai30Ulw0PtLqOiyjinTBes7uRLJaRpyhaF8EzpEbFZwTX5O_7l6ZK98wSkqEc_tvQHwm29xRcjnJNoTn2D3Dpq8ULPtCPAj5rKrEwZmPZ2ixXV14XB-H5SIgLOl_DlhZAAY8kOdm5TvAB12p0xo67FAgCYZLZyYqUASs
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66CA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQSRBORA2Y4b5KfunrtoP4oOP6AwAAAAAOAHgBAI&bg=!U1ClUBTNAAYIxsuQKMY7ACkAdvg8Wn1qPWk273UgVWiB5qnb3EmVk3_BbfbkHyp1zfi9lGtMvl5XMQIAAABKUgAAAAJoAQcKAGtVMM-haM5JgORUHOtYvxLDQYvVvDN-O-lEWc1bKf1D5E6M3E5y6r_FiVaHaBy2tlsHNVFB3pKLPrKwlTHzoen0ABLNVjUdQKBjgELqYi5RHcP3ND1oIEHKxH3BG556ihJiB5MTckNaxfXwY5kC9KsFZLqGoEAFdqXHfxoME7faAlzJH5GhBew7yEqFXat4Mo4S6z8WL6lNTJNqyaT0JvvRsmiYue18_l0y7RjMAgBK4QeuQOfOenQykFeg2h8eTWrbw1g53RLvtQB8ZGGjmBfR3UdSPT25Wd67mNHF0IkbRMom7FyX0Hv4KIJsi-A-ge1f1XiMmKAJFMGndsZAFwL3cbsoUP4cWwPUb8gcsh7aUu-xaKzcjaLMImPiSL6vLYxusIhXDV0Yde28tLEwZKGEDgiP2dACfEvwwxMQzbwWZQqZZwEpq333CD-v2_QWxs_suiS_Yj0V0-Cu6yw_fydLhyhSAyR4OqZqxc2arR_y999kIcStLW67lPk8i1wl5rjZlVnyJ-GJbKf_7SjiCzT1X9Ls8Pwg9aCykY8HEEg2-swnUm5XjtNFc2JlSOBGT9nbQueeigpKlWwg90sbh8GFJZXLxcAQvJsfxl669f5KpKmqTmaKvlssArOzNxme_3driq6ntZRM-9zJfB32KEYKzyo_O_kyhuO3m3dfBqiEeY7yl7y-IFJlxXxQQ0UUBZ_N7irlfIm-lFNJPSMs_t4ZsCsuY3VbvIxdsXGY56Km-yippjn3dHXwq0hf-Ump67dBS3J6zcIB8b5xuFo_fkuuI1HBEhS_cICYCH8DzmM3cmDfZ9kGnHlY_OTxNaqmmz-gYvV7XcpxTTAmnZ-LRVCUWOX1O0mX_UqXB7SNPPff7RAg3Appq5DMoJsgxl5lwSgXP97VrKDw51WG-MYFpfM7hapaLFt60aTPyJjR2plwH6kTGHUr4dW7zyWIk5I9pHBYiZeskfE_3vO3W4DCUiUCG9gPbMdMD0M2tFrgiUKTOm4MR5mp3HTco4XwOZ67WxvirendRRULyDnGv6Jj-sHfRcweqgJOgdYRiQXbW_X_LWoTx1NV9xxZkxY2oGmJEqCo7iP9Dx3laAN40rifMY_wh4ES0Q0C-R74K5TCgpplqj9NrdaAGISFnBzDk4_o0YvOrQ
Requested by
Host: c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
URL: https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 71D8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCoGwzAdEO0DVXhMiXzxIMCBdn14KZwooyXV8WoB9NqNKR8kkwVof2IGyzJ15E48em6dHtDSeKcovc2_KpdUpnnfBEUjtRLAD0F6stary01LATQ0TOJCUHRO4hZKOnPgKfDzI&sai=AMfl-YQ-3evEV5I7njiblHc9K2LJkpJAZ1eM9ltAp2VaJUoRbq02lTAziiO1wiTwA6ai_5lrnJyqj6Tb4Vs0NmcvZa6dybzJH8lToazVOtv5jHWmWbv4tGeWswBpQhhC-w&sig=Cg0ArKJSzGryS-M9iYU3EAE&cid=CAASFeRoA0xeBnxHffDXNbJVFU6e8ICeHQ&id=ampim&o=5,300&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=623&tls=1623&g=100&h=100&tt=1623&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B07 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.1083,e2e.2465,fs.603,reqs.904,ress.1083,rese.1092&srt=480&e=&id=csi_pagead&gqid=&qqid=CIXwkIj7uvoCFfuHZgIdmoYGig&rt=lb.605,ol.1382
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA4E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_WKcnQ9UdqA2sXQ815KS8DQQMElbH_HTgKf1oX0J4ekcDUcUzfSULduMzbmpRwWtQGg7At4znCPq8Uj_C1pHi3eB4re4qSkCMRvBjxnwai8_bfXlAM5jUoV0_7-q9GwlS_qClhPtgTjZyb8Lao3U6_xHDYMcc3ozcVWJbIFuDjZYzWcjHyvZWYGzxIAnjtSuHFTLUMmzU5RiwHKoEYYZ32tmyNnIb2JRKf-PVOJ58-rNhrZ8-qZpjFaOmz11z7bVbsnlGEWFZNOFgycHG9tp-V7Vgkag9u8zXRg0XNoIbwV-lvDJlxCNPr9T3Y0svRF0yP_HKQ1cLfSDz2ST2wgfSFKeQgVEjtFme6lCS7H8eRm0Yr0dSop3_bKHi-Qkb0fiWYaTgQTZ8H3z_NMhSlns6Wc_XDOWlarGHzALgGGey2d6unIIgyHsMbWai4zqlw5MsACbIjfMXFQGQAQlGXPAACIHWiYeZBfkUFHG0r2jq5hU21xREOAFvEeGas_OPN9JTGAK2QLPEFQBFROMM1DayaXiTngscvp4wZ23dPT70ty0Le1W8640n-Qe5cR2DEPO1UCCXyfTlV_2R5k0FnpVDIelh5z_r36z7FFAaokoAAxeUBYrfBZL7Q5Jn4oi7Dj5lQvBygM8v9ttECdre6FT-O_GVZarBLFRbAXMgw9NurNpUWmjkDxoImBwQXMH02L_m6AM9EiOqqAAS5_qr2hyAdMWLCFVlfPENjyZZNFSUIvMIvQ8QYx4TaIIpdHmajh1ZAJMTn7ThqpEZz7q9EBN0wgQZUrwJIG6QroMjVnniFdvPDyKCfTAxoViGsFDACI7nRApqdhOvoqUcmR71rxzYGxxq152GdROX2E6M4Zq22Bh7X0yNE5XjAJKHoitldrLIOa-BVRHgghYNqulPRiggDUNr_yjwt_1scLk9-8r2eXi6yRkNtFYNDJmWOYZF6_dliZ_6kPhr0RWVXuYxtoCc6ufmTpJYPzAhVA_r82FqdNFZFDJLJZ1-wL33JzatMujglUZh8MkAgLA1U-KLNnc4q7VWry0NXFl9igRkTJHznC-Etq_U4LN7pH-46h_2FiNPtbghn6xK4wzia_-Est5_bpZAJ2bU_tVPvCA713U53rP9kKB6BYQYttHKRfw3zC3nYHnfhuDSakJSSrRE_Uf6jVj6Qxj5njelAgYm8SY5bwQJFg&sai=AMfl-YTDIthIaFOXoFnbwHsiHJv9OcLFjv71L30bv_srSQbzZZg_k0-nM8KlWjK3DHuVGBv9hd822X8VZZCkJxDLcsStLl4p1aCN84LX8K9Q9pOxMdHwZg95eGa8wm4RsYj0_7x1w-wQ56HQ4q33zI-OKSPWT6P-MYkbKxXweMNFflFjRz3WfAVV8LJ_9So-GlVLuUo_apBvgdMSiqvld8mDV_Yx&sig=Cg0ArKJSzCxHLFE9wNHNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1140&vt=11&dtpt=474&dett=3&cstd=1140&cisv=r20220927.72877&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
300x250.html
s0.2mdn.net/sadbundle/16707801479196189636/ Frame A4B3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
ebeb92a658184a4245e7e46aa96c43011d1a111ecad54fd7d5af8a115d39c070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
244399
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2396
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 01:44:44 GMT
expires
Wed, 27 Sep 2023 01:44:44 GMT
last-modified
Wed, 21 Sep 2022 01:41:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA4E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.1072,e2e.2481,fs.599,reqs.901,ress.1072,rese.1076&srt=473&e=&id=csi_pagead&gqid=&qqid=CITwkIj7uvoCFfuHZgIdmoYGig&rt=lb.570,ol.1409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CA4E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvp4UJHmhujZqAWqe3Faj0kT39QlyQt9U1PKEnflT4QZ9560aB4iKui68Q2KHg3sE0xM08kV-uYRCDxFgsOSUFoQnldrYzzFc4mF1wIhWqbbcFig9zGuYUR9g&sai=AMfl-YSWIQ8QZ7DFFm046QldWg65mm4Ashxo_1sr7004JXrOiEh8_H1CaojKjhKbHjOrXOSTzvSrk9CqiR1HWiacO_L56Yakpb8097-uJ0A3DBP1IlPJcfHahLMNqYRb9A&sig=Cg0ArKJSzPVvZw1G1zLmEAE&cid=CAASJORoyJxbzT4Hsp2x6YnoymAguovVHVxPc3cSH1nfHeWip9n9Mg&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664487481093&rpt=1037&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B07 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZyP9ocPMfdNOseYPLtxhLizLBJIl3B7aKfTY6iSPn3vZ1iBC1pmpajxtNvWQZzeVhb5v3vhdWbTDPBDv5vWe-TYsGSXmFeKYFMcLeV8Sul0qwGwr1gV4kZuGTjVJfcY521c4&sai=AMfl-YS-9fOP78bou2CCMlWCojTqsb39r0_SL0PdrbXBIpZAiOho3vOQ9cjrf9n-5dj6Fd-Tf-7mPpxf5tQAE3-r0q1vJGBTVDA8SNczI794BJJJRTS2fJEFaLZeFG3rBg&sig=Cg0ArKJSzA160n1v4W7-EAE&cid=CAASJORopddw_0Dp4jvZzhQOMCaek8-wO5Pirxqg_5SgSY98dwWETQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664487481097&rpt=1272&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A4B3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Sep 2022 21:38:03 GMT
300x250.js
s0.2mdn.net/sadbundle/16707801479196189636/ Frame A4B3 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
a7332047f19dba16eac79b10a4029a43f8cde0389df43a307a9a7eb4eea60cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11280
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 01:41:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 01:44:44 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 29 Sep 2022 21:38:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
244369
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		429 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
137f9d3dc90c8c28967dc0d16a7c5f71f40482125bb2e136f0e36483f5a192d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
979702
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
170a70d8c358f68b6a14bb9c8f0a7a78a35f034c94bd0a3acf57f9172b70e43d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Sep 2022 21:38:03 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 29 Oct 2022 21:38:03 GMT
/
onetag-sys.com/usync/ Frame FA26 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664487478321
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
12c67a56d67aab21db4364d52b95b2212be080c29cacde8c71e49f4c7fb060a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1338
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2933 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
57223
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 29 Sep 2022 21:38:03 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 41559
X-Served-By
cache-lga21981-LGA, cache-mel11221-MEL
X-Timer
S1664487484.709653,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame E564 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 21:38:04 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 109E 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 7B43 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.240 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 21:38:04 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 2F82 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
def9cf4127f52ad9fc4db30d3943a45cffb72fda7a9c93b606f2bade3d39485b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Thu, 29 Sep 2022 21:38:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame CA60
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef359d1ad68412e8573fe4c10bfa019b50931dbc82cb67e559f47c6f82671ff8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Thu, 29 Sep 2022 21:38:04 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 29 Sep 2022 21:38:03 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 22DB 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
bd4c3fc3dc5fbd84294dce7b22a2d2ee819b9bda60b3307cc13c3a75424e241f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 21:38:03 GMT
expires
Sat, 01 Oct 2022 21:38:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L8NKV9UL-11-8VHU&gdpr=0&us_privacy=1---
0
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=44995d8f-0ded-4e86-a0b7-fee033942bb3
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=44995d8f-0ded-4e86-a0b7-fee033942bb3&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-lU41c_VE2uFDnroxAaXjMCkSEY5.tdZzitnhMkA-~A&gdpr=0&gdpr_consent=
0
0
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=44995d8f-0ded-4e86-a0b7-fee033942bb3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b24c21d8-1c94-4862-a503-0c0dc0c15e9a&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523716063242021849&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523716063242021849&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
0
0
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D44995d8f-0ded-4e86-a0b7-fee033942bb3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4397%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D44995d8f-0ded-4e86-a0b7-fee03...
0
0
cs
ad.turn.com/r/ Frame 2F82 		0
0
sd
us-u.openx.net/w/1.0/ Frame 2F82
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6daa4811-b46c-72c4-f4ff-a27c93f28560&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&ttd_puid=6daa4811-b46c-72c4-f4ff-a27c93f28560&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&ttd_puid=6daa4811-b46c-72c4-f4ff-a27c93f28560&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&ttd_puid=6daa4811-b46c-72c4-f4ff-a27c93f28560&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 2F82
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzYQOsCo8YQAAElTvy4AAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzYQOsCo8YQAAElTvy4AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 29 Sep 2022 21:38:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":61,"gdpr":false,"ipv4":"103.209.254.17","key":"YzYQOsCo8YQAAElTvy4AAAAA","privacy_sensitive":false,"uid":"YzYQOsCo8YQAAElTvy4AAAAA","upstream_id":"a-ad40089"}
X-SO-Key
YzYQOsCo8YQAAElTvy4AAAAA
X-SO-Upstream-ID
a-ad40089
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40089.dc2p.scaleout.jp
X-SO-UID
YzYQOsCo8YQAAElTvy4AAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
103.209.254.17
X-SO-Cluster-ID
61
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzYQOsCo8YQAAElTvy4AAAAA
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
3
cr-p3.ladsp.com/cookiesender/ Frame 2F82 		0
0
pixel
cm.g.doubleclick.net/ Frame 2F82 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDFjNTliZGItN2QxYi0yYzYwLWUxMWYtZjhjNTU5MTA0YjAw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2F82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4ReWFP9PXWoNjsImVN8GY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4ReWFP9PXWoNjsImVN8GY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4ReWFP9PXWoNjsImVN8GY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250_atlas_1.jpg
s0.2mdn.net/sadbundle/16707801479196189636/images/ Frame A4B3 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16707801479196189636/images/300x250_atlas_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
02afa8295964d794160f6bebb95501ffd058eff1bd5ed500c25ba1091f7bfaeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16707801479196189636/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 15:26:09 GMT
x-content-type-options
nosniff
age
108714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104339
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 01:41:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Sep 2023 15:26:09 GMT
async_usersync
ib.adnxs.com/ Frame 2933 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 21:38:03 GMT
AN-X-Request-Uuid
926c755b-e36c-43b9-b7aa-e1e689a77618
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.17; 103.209.254.17; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame FA26 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame FA26 		0
0
/
onetag-sys.com/match/ Frame FA26
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7576552041308880809
0
0
tap.php
pixel.rubiconproject.com/ Frame FA26 		0
0
pixel
cm.g.doubleclick.net/ Frame FA26
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svaljpBg0Zh7uPHy0dAdjnnUHP3UT6Mg
0
0
sync
ssbsync-global.smartadserver.com/api/ Frame FA26 		0
0
711916.gif
id.rlcdn.com/ Frame FA26 		0
0
ecm3
s.amazon-adsystem.com/ Frame FA26
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4oQEmeERfXu8STZQZLRvZrT5cNo1qFcW1MtaNX_0JU
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame FA26 		0
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame FA26 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664487478321
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:38:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame FA26
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664487478321
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 21:38:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame FA26 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664487478321
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:38:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
gum.criteo.com/ Frame 22DB 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame CB55 		0
0
cm
p.rfihub.com/ Frame B5B9 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 519F 		0
0
getuid
ib.adnxs.com/ Frame 22DB 		0
0
cm
us-u.openx.net/w/1.0/ Frame 22DB 		0
0
rmp1r1
sync.1rx.io/usersync2/ Frame 22DB 		0
0
pixel
cm.g.doubleclick.net/ Frame 22DB 		0
0
ping_match.gif
pm.w55c.net/ Frame 22DB 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 22DB 		0
0
sync
x.bidswitch.net/ Frame 22DB 		0
0
/
b1sync.zemanta.com/usersync/medianet/ Frame 22DB 		0
0
sync
rtb.mfadsrvr.com/ Frame 22DB 		0
0
um
cs.emxdgt.com/ Frame 22DB 		0
0
cksync
cs.media.net/ Frame 22DB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
0
0
usync.js
eus.rubiconproject.com/ Frame E564 		0
0
generic
match.adsrvr.org/track/cmf/ Frame CA60 		0
0
ebda
eb2.3lift.com/ Frame CA60 		0
0
pixel
cm.g.doubleclick.net/ Frame CA60 		0
0
demand
eb2.3lift.com/sync/google/ Frame CA60 		0
0
setuid
px.ads.linkedin.com/ Frame CA60 		0
0
sync
x.bidswitch.net/ Frame CA60 		0
0
1121978219697122928566
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame CA60 		0
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame CA60 		0
0
c.gif
c.bing.com/ Frame CA60 		0
0
triplelift
b1sync.zemanta.com/usersync/ Frame CA60 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame EB6C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/adreq?cb=931
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11227250725080;ec=11227250727974;adv.a=5924564;c.a=27546839;s.a=3252202;p.a=333049277;a.a=524935766;cache=2074553155;
Domain
id5-sync.com
URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525897493458701898&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid/magnite?uid=L8NKV9UL-11-8VHU&gdpr=0&us_privacy=1---
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-lU41c_VE2uFDnroxAaXjMCkSEY5.tdZzitnhMkA-~A&gdpr=0&gdpr_consent=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523716063242021849&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4397%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D44995d8f-0ded-4e86-a0b7-fee033942bb3%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00NDk5NWQ4Zi0wZGVkLTRlODYtYTBiNy1mZWUwMzM5NDJiYjM%253D%26uid%3D%24UID
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=9&gdpr=0
Domain
cr-p3.ladsp.com
URL
https://cr-p3.ladsp.com/cookiesender/3
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7576552041308880809
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=g3GxV5TUzXwbMJeI4uzBg3n34gaqP3jkUug2TqhPXlM
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg4svaljpBg0Zh7uPHy0dAdjnnUHP3UT6Mg
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=L4oQEmeERfXu8STZQZLRvZrT5cNo1qFcW1MtaNX_0JU
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Drkt%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D%7Buserid%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Dpba%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3DPM_UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Dapx%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D%24UID
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Dopx%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Dr1%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D%5BRX_UUID%5D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA3NDg5MDgzMTUzMTM0MjAwMFYxMA%3D%3D&google_sc=1
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Ddxu%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D_wfivefivec_
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Dzem%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D__ZUID__
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3074890831531342000V10
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3074890831531342000V10%26type%3Demx%26refUrl%3D%26vid%3D44874841093074890831531342000V10%26ovsid%3D%24UID
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1121978219697122928566&dbredirect=true&gdpr=0&consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1121978219697122928566&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/1121978219697122928566?gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1121978219697122928566
Domain
c.bing.com
URL
https://c.bing.com/c.gif?xid=1121978219697122928566&Red3=TLMS_pd
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| setImmediate function| clearImmediate number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

38 Cookies

Domain/Path Name / Value
.aralego.com/ Name: sspid
Value: 95611ed8-b499-3bf3-98ba-358fca1a3d99
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 505dc21f-8402-4cca-a7ba-5cbbc42e4cef
.adpushup.com/ Name: ap_uid
Value: fb2af581-403e-11ed-8c80-000d3aa3c7d4
.adpushup.com/ Name: ap_usid
Value: fb2af582-403e-11ed-8c80-000d3aa3c7d4
.bg3.co/ Name: __gpi
Value: UID=00000a106f5f41b5:T=1664487476:RT=1664487476:S=ALNI_MZOH6cxvAt9qK8o2LZduiniH65o6g
.doubleclick.net/ Name: IDE
Value: AHWqTUlN8OooSQ9MCairu2vTsZ1RSw122XH-mykW2vOKbERwEyr3ZBwwM3arTXDfKo0
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: be067748-1deb-4d33-ae29-6a94f7d5b69d
.openx.net/ Name: i
Value: be067748-1deb-4d33-ae29-6a94f7d5b69d|1664487477
.onetag-sys.com/ Name: OTP
Value: g3GxV5TUzXwbMJeI4uzBg3n34gaqP3jkUug2TqhPXlM
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwtqDYmQY4AUABSAEQtqDYmQYYAA..
.adnxs.com/ Name: uuid2
Value: 7576552041308880809
.rubiconproject.com/ Name: khaos
Value: L8NKV9UL-11-8VHU
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLIWOeNSki36yKB0+A8/5Oa8XALOT2m4svvzzeB4rp5ES5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.teads.tv/ Name: tt_viewer
Value: 44db2ac5-0677-4867-a4c5-82f2e6357716
.omnitagjs.com/ Name: ayl_visitor
Value: 3d939bf5cf2a00bbf6b5fd21f8a0e365
www.bg3.co/ Name: qcSxc
Value: 1664487478609
.quantserve.com/ Name: mc
Value: 63361036-aa606-017d7-ce53a
.bg3.co/ Name: __qca
Value: P0-342885189-1664487478606
.prebid.a-mo.net/ Name: __amc
Value: 1_1664487478_1664487478
.a-mo.net/ Name: amuid2
Value: 44995d8f-0ded-4e86-a0b7-fee033942bb3
.prebid.a-mo.net/ Name: sd_amuid2
Value: 44995d8f-0ded-4e86-a0b7-fee033942bb3
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1664487479.1.0.1664487479.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.418387068.1664487480
.bg3.co/ Name: __gads
Value: ID=58708309ca693b57:T=1664487476:S=ALNI_MZGBdoguCy2BGUqY51RPAJ9Lfon9g
.criteo.com/ Name: uid
Value: 548ef1e4-9ce1-4725-9d0f-038b62ace924
.bg3.co/ Name: cto_bundle
Value: CnWt4V9PaXlkJTJGN0llZHFySnQ0eVQ0V0N1Y1VpVXFMMUhQYmpGcG4wNXpza1o5UElSaWI1TEdoYXBLQUVpNk9FN0xWMXJpME9xQU43TWV3UXI4Um5wY2o2eUxab1lRUEtZakV5VG9WTGtiUHVNSm5LdU1sUSUyRkh3ZGE3U0xkaVFxVU96c3k2S05DbjlDdUxyJTJCcTh4U0ZUeDBjN2clM0QlM0Q
.casalemedia.com/ Name: CMPS
Value: 5315
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In6cpY+w!]tbPl1M>e)ZlrFUfJ+tGXxoeIK=ePUb%I=DXbVh_Yd%PFqa_VYZS$=5jOCj3If)y3KL9D3I?+I1Qf61
.casalemedia.com/ Name: CMID
Value: YzYQOox.bcsiXBubj4mJaQAA
.casalemedia.com/ Name: CMTS
Value: 4682
.casalemedia.com/ Name: CMPRO
Value: 4689
.adsrvr.org/ Name: TDID
Value: 2ec19a57-5e0b-4a9e-a23d-5d0814c455e3
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIrKGTtZ2bkTsQBRgFIAEoAjILCJr0j-Gzm5E7EAU4AQ..
.sharethrough.com/ Name: stx_user_id
Value: 6ff73dcd-18f3-4d96-b227-28aeacc7c481

4 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664487476&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyan-xi-huo-shan-dao-you-ren-ru-zhi-hai-shi-huo-shan-yan-feng-guang-qi-li.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664487475652&bpp=13&bdt=1408&idt=735&shv=r20220927&mjsv=m202209280101&ptt=5&saldr=sa&correlator=5198934008025&frm=23&ife=1&pv=2&ga_vid=1165728026.1664487476&ga_sid=1664487476&ga_hid=343950385&ga_fc=0&ga_cid=amp-haSPzcRDfeR9fc3DqNhFig&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2525578799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069959%2C42531706%2C31070010%2C44774605&oid=2&pvsid=2874003683732458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5oaipgf7r6u8&fsb=1&dtd=752
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EveWFuLXhpLWh1by1zaGFuLWRhby15b3UtcmVuLXJ1LXpoaS1oYWktc2hpLWh1by1zaGFuLXlhbi1mZW5nLWd1YW5nLXFpLWxpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad.atdmt.com/i/img;adv=11227250725080;ec=11227250727974;adv.a=5924564;c.a=27546839;s.a=3252202;p.a=333049277;a.a=524935766;cache=2074553155;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ad.atdmt.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
aid.send.microad.jp
aplogger.adpushup.com
b1sync.zemanta.com
b432474d6bcd0a9da4547a8302d158f9.safeframe.googlesyndication.com
bidder.criteo.com
c.bing.com
c1.adform.net
c711428a3652fe5a25438e752cc0599b.safeframe.googlesyndication.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csm.as.criteo.net
d-20007048061093706366.ampproject.net
delivery.adrecover.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fafa59765d81ca88780b84bf059c6146.safeframe.googlesyndication.com
fastlane.rubiconproject.com
gdn.socdm.com
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.srv.stackadapt.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.atdmt.com
ad.turn.com
ads.pubmatic.com
ads.servenobid.com
b1sync.zemanta.com
c.bing.com
cm.adform.net
cm.g.doubleclick.net
cr-p3.ladsp.com
cs.emxdgt.com
cs.media.net
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image8.pubmatic.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.mathtag.com
us-u.openx.net
x.bidswitch.net
103.229.10.192
104.16.86.20
104.18.19.126
104.211.156.162
104.254.148.251
124.146.153.150
124.146.215.51
13.33.33.58
13.33.33.78
13.76.45.37
139.99.49.250
142.250.4.155
142.250.66.227
142.251.10.148
142.251.10.154
142.251.12.132
142.251.12.154
142.251.12.155
145.40.89.200
151.101.193.108
172.217.194.105
172.217.194.132
172.217.194.154
172.67.71.254
172.67.72.16
174.137.133.49
18.179.72.109
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
185.84.60.30
202.233.84.1
209.58.171.197
216.239.38.178
23.207.36.20
23.207.36.240
23.207.37.41
23.75.85.227
34.107.148.139
35.213.12.39
35.213.124.31
35.227.252.103
35.244.159.8
35.71.131.137
35.71.178.8
42.99.140.144
42.99.140.200
44.230.111.82
52.196.248.191
52.2.255.108
52.220.40.119
52.74.13.196
54.169.199.37
64.120.88.131
69.16.175.42
69.173.158.65
69.174.120.107
74.125.130.94
74.125.130.97
74.125.24.154
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0155a5a3f05be5c150468a5130b4ed9aae34fe963c387bc50263614f659149ce
0233e2cbb9b3d99b5d53978de12374d199c907b24a3eab9ab26cf1237ef72264
02afa8295964d794160f6bebb95501ffd058eff1bd5ed500c25ba1091f7bfaeb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
067d20fac4083b7d51e6f4313eec1c579cba7959c0465c58d1ebb86409fa4b41
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b951c6f01c3f4d03e5cc99b8e1c4815314ec0f3855597b40697f9f14c1d7bc7
0bdee6f00b9a245c30a26fb278c242f91f2f5c074d47cd8d7dd22f8c6cbc5ecb
0f4c8b81f1d4ae7ac1b75a73516050fced14535c5ced088078b27d7528ed08a7
10c007df5ff83f3f314238ca5399f563f2d97f25853fd8cc641a23796c38ba0e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c67a56d67aab21db4364d52b95b2212be080c29cacde8c71e49f4c7fb060a2
137f9d3dc90c8c28967dc0d16a7c5f71f40482125bb2e136f0e36483f5a192d1
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
170a70d8c358f68b6a14bb9c8f0a7a78a35f034c94bd0a3acf57f9172b70e43d
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
2058128279d74eb5fda6ce21db2ea4467373fe70f34cafa2cc42e13d4b8d6292
22baebf9ee236c538f59eb4e6dac10aba76c6edd892bce543a8afd9960199e2f
22f0fbacffde9c833cfede6746bac541a812e86565afe4e8557c48c6d1130e65
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26f7f2c20742d63068b59c8f42d7cad213c27ab02c1641c73d03d580e649bb0b
284b1add8ad16217b2da47594ce84375fc02575daf67009d6128ff6c0d864ff5
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
29218b7d804201ebe3b309b401a6ef23c562909a0f59e9af333d6781ab694d8c
2adb24e71fe40bf6c217e3e30ea7d4969dc89d99096b6ea556ed83c849c721f6
2ae1d09e3e3ba08fbfd1ef4defffda3bec432f55b89ea7529276db3048f4d9d1
2bb603093a2e8c87fd9955a9687191ef64f16b618e2501aef6de3c1f5dbf56cd
2e2fee741a72d1c636e3173caf6e2ef9b219353fef464f2e6346da79e0612ff6
2ee5b74078697198e58a8983bea3486978bbb61ff42185acf5ad21dcdfba637b
2fdcc086c66d6d46161cc9e2566e3f5d9e33e2abb9c07126383d50931b4751fc
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ab1e1b441b16936d593640005e472948a6f4170527c02708ba56d5222932db
40acc9836ba9fb798b624b3be19ea27058477bad94a91ccd8b60bd2bc95cdf10
41d0df64699d28f8560adc3fddebefa9674313ae77cbad92d0f2481737433e88
43c9bbaabecce53b78baa6ae56fc0c4400bb85aa9d0e20c97135e393c60f6ce4
44ac02ea07c96f24633262e18f47593e30f22442377f4a8bee84adf02e01b4ae
469b5e0a744f809071294a40c665f29a42a73381490dbe10ca6eabc125567fb2
48b324fcaaf59a205fbc675ada39c7f0a9c6d360824b367ac3afbe3eae9ec095
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c41da38a3c89ccef7763348498f4b16a85cd5e942213202c52114e5185b352f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50acfcbf8e0b2866589b3603c2f28b3b86c974680d1fe007bed108e2f8205288
517c70d04c490d373559fc82e7d043cd9d6639f6607d4a098b3e86c1caefcc71
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c3ed8a0c360ba1465ed43bf7d8cfd401a23d65ce20283a5a2ba3d733e3118a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5e3f2bcd9990588f5cfa4771f22f8d2a89f417f490e7480ef100cda4f95932fd
5ee961e81e187f26e1d2f61cb5c5be0b3b70e532cbb844b5d91d1ed1b809beee
5f1a47066aa85e63d75098c4453749fc4a185a2dcb3f1631f038e55257dbb897
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6579a6c375c7e47cbc073b0a913cf48704c9ee8d5219c1ac6121ce59bb4dee84
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b93b384ba34761613cd707cafcfddf2730bbb3d59e7153c84c301c69084d5d0
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73a645c098f0a0b001424560d5b87df68b5b97998ec91ed54f375f50a73a94da
7800cef2c62af22a675d2c16dd92d47707be5a30e36963ca5247585f1f7660bd
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
8187754c0fe154f71b1505675239ee1928b0cd65159205abbe1fae052ca3b4d1
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
87e88d636eedbb1732cb8dee8a245c70b5bfdff8447754976b3e5bf41c0640e1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e84fa22928cbf7cc9d74c62a6e793cca5a1caf59746bcc0fdf589eba589a114
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f72ee4a067838299be02176e75277e91c92bea87988e23404e084079b272664
8ff2214c2181bf22151fe76b4cf649a61de7465d3c197f8139516a9d1ee81667
9074c976631ad867fe02029b46fa4ea30d7b46433a965f3f2aeeaa60d2f46084
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
934167ca23b26b8898e0f2735c9b2e41657dc7f8376fadc258c87746b297c7e4
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbf6825e0e585b05922d1c610bc18d7180b71affe23fe01edf234e8dd5a36db
9cc157bffd0b09af9bb7da04660e3334e5c2d85be27d2296605a73d10e983cc4
9e1c718b2348895b07cfe690810bf4ce9afe3577ab7f023f4d04d95a628f4a3c
9fb6a34b437449b9e1f9bb8f4ac7126ef62c741d5be12286334fe173d2f7d023
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a253a9822bcb217a9087aaaa4a7729b7d5bfb97194e1562be15a2121072a8e54
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a3d45e54ebfce8c133a529d908e48b3af9ae46683e13edafd807731cd4edafc7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66b738895cdc64c71ff4f986fc01e49e0728d87049a176f2f74b30bf3a7c1ef
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7332047f19dba16eac79b10a4029a43f8cde0389df43a307a9a7eb4eea60cfc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a8c58ade1cbf551321e1fffbb24de8def0120d65801b8396e39b044239136715
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ab9bc4008aead16838e97f0479b050e38c090578a268a6b9457981021f70a10d
ac093e7935d69e497236201bebb39dce3d42fed0ef8b88a0851936caf76dbf78
ac4d9f8c068e2fab8850332cbda29999343839f495dc3065f2b137ff49799a5e
acb00756558449eb036c4ffa99c52e7230c4d2e7655c9946dc6595b84cea4f94
aed462cd4e2607331627efa7f5597626f899356a0a05a92443298b9261840db5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4c3fc3dc5fbd84294dce7b22a2d2ee819b9bda60b3307cc13c3a75424e241f
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c09793c2f014918f9c4452ad67e812a10b17ec0c0231917b16930421adb891f9
c1442b31a9fefb0ad2e7737a2618c702cbb6c86bd364103a4b4126e832953e3e
c263627f113003299208aa650333d2df61ddcd87bfd74368f6469569bb35d9d2
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c4a3324b9281bf50b9a4e59319915def6569280b8ab9c86dcf9e6b177e1cf8d4
c4d03f22431ef5a5ac30ea28a95e15420a70b84ad8b1123b1a84356c55d4b747
c9225b49f97bcab9a2c897b1241671d98ea2c7a3e2232dcb21797b4d26997be0
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
caf8304b05657563c0301cd1acaf4e38eec9ba99e3796e54fe852cc6cc2606b7
d2cdaa1d7602f9c3d804b0f8e461f4b035dcae48b9a4e6f5e8d0ebdfa7bdcc33
d745a428bd193d2b28edd4fa5b52a35e209df48780a4dc9d020d28b88712822b
d7d7e9938d26a27c9f40902bbcbae7060bd05296736a878c9287ca2b0c64eb94
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
d931013fa15069a793bee14a65e3a9b8e4bce2adff28ae4905e62bf52b296d08
d9b19ef4c68b85c93da5e0ca1196a1b66df7b607c24b57ded31335ab29227280
da02e7041f6b6dc7aa4c956b6266341a2a9e13e1d1a0179eecc977049ceb38f8
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
def9cf4127f52ad9fc4db30d3943a45cffb72fda7a9c93b606f2bade3d39485b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e916f381680f0ebdd3985f5731765c85407c3106ec564522c134e64b6b223ec5
ebeb92a658184a4245e7e46aa96c43011d1a111ecad54fd7d5af8a115d39c070
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef359d1ad68412e8573fe4c10bfa019b50931dbc82cb67e559f47c6f82671ff8
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
f1c21a3e4eda803a2a21503813c15a46e86a9ca59b235d25816b24905d0c92e2
f4cb89e2f249047e06c9281608753f7458af020c2c86b884f5dac4d005622eb8
f8826ee78746ed779b98dd9d258784fc4fe492ee7a11bd68a07129acf4e41f93
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1