urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao...
Submission: On August 22 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 7 countries across 112 domains to perform 485 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
19 172.67.72.16 13335 (CLOUDFLAR...)
43 142.251.12.154 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
3 104.211.156.162 8075 (MICROSOFT...)
12 142.251.10.154 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
15 142.251.10.155 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
2 13 172.217.194.155 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
3 182.161.73.136 55569 (CRITEO-AS...)
7 34.98.64.218 15169 (GOOGLE)
4 139.99.49.250 16276 (OVH)
12 52.213.181.231 16509 (AMAZON-02)
2 13 145.40.89.200 54825 (PACKET)
1 34.107.148.139 15169 (GOOGLE)
1 54.255.144.233 16509 (AMAZON-02)
1 104.83.197.63 16625 (AKAMAI-AS)
4 35.72.150.84 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
3 20 104.18.18.126 13335 (CLOUDFLAR...)
4 8 104.254.150.228 29990 (ASN-APPNEX)
1 4 103.229.10.171 16509 (AMAZON-02)
2 142.251.12.97 15169 (GOOGLE)
2 54.192.150.58 16509 (AMAZON-02)
4 172.217.194.102 15169 (GOOGLE)
1 54.192.150.50 16509 (AMAZON-02)
3 172.217.194.95 15169 (GOOGLE)
36 74.125.200.132 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 12 74.125.24.147 15169 (GOOGLE)
18 23.36.252.26 16625 (AKAMAI-AS)
2 42.99.128.160 4637 (ASN-TELST...)
19 104.83.196.24 16625 (AKAMAI-AS)
4 74.125.130.156 15169 (GOOGLE)
6 74.125.24.94 15169 (GOOGLE)
12 13 35.71.131.137 16509 (AMAZON-02)
1 52.84.45.129 16509 (AMAZON-02)
3 9 35.71.178.8 16509 (AMAZON-02)
1 23.72.44.239 16625 (AKAMAI-AS)
3 11 23.15.148.136 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
11 15 69.173.158.64 26667 (RUBICONPR...)
7 7 52.74.13.196 16509 (AMAZON-02)
4 4 89.207.22.105 41041 (VCLK-EU-SE)
16 47 74.125.24.155 15169 (GOOGLE)
1 3 104.18.35.11 13335 (CLOUDFLAR...)
1 1 172.104.45.159 63949 (LINODE-AP...)
10 10 64.202.112.223 23352 (SERVERCEN...)
3 3 133.186.161.88 45974 (NHN-AS-KR...)
1 35.213.109.249 15169 (GOOGLE)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 141.95.98.67 ()
4 142.250.219.3 15169 (GOOGLE)
1 173.194.28.102 15169 (GOOGLE)
3 4 50.116.239.135 6336 (TURN-US-ASN)
2 5 35.244.159.8 15169 (GOOGLE)
3 3 202.241.208.100 4694 (IDCF IDC ...)
1 1 54.192.150.114 16509 (AMAZON-02)
4 4 54.192.150.119 16509 (AMAZON-02)
1 104.19.159.19 13335 (CLOUDFLAR...)
1 1 3.115.209.30 ()
1 34.96.105.8 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
1 159.203.145.121 ()
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 104.21.41.253 13335 (CLOUDFLAR...)
2 37.157.6.241 ()
1 1 23.106.127.38 59253 (LEASEWEB-...)
3 16 67.199.150.82 62713 (AS-PUBMATIC)
14 20 103.231.98.194 ()
1 3 67.199.150.85 ()
3 3 104.18.19.126 13335 (CLOUDFLAR...)
6 6 209.191.163.210 ()
1 103.231.98.203 ()
1 54.82.201.159 ()
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 ()
1 13.107.21.200 8068 (MICROSOFT...)
3 5 52.77.77.30 16509 (AMAZON-02)
3 6 52.46.143.56 ()
4 4 104.65.229.32 ()
2 2 198.8.71.129 ()
4 23.72.44.196 ()
8 8 74.118.186.45 ()
4 4 52.76.225.46 ()
2 2 182.161.73.146 ()
5 6 35.213.12.39 ()
2 2 18.198.190.98 ()
2 44.195.112.134 ()
3 3 151.101.2.49 ()
1 1 52.2.211.96 ()
2 2 135.125.160.77 ()
5 5 103.229.206.240 ()
1 1 202.232.238.37 ()
1 1 104.45.178.220 ()
2 3 23.106.127.53 ()
1 3.113.229.60 ()
1 2 54.174.20.147 ()
1 34.227.131.62 ()
1 1 35.190.60.146 ()
2 3 52.95.125.22 ()
1 1 185.183.112.148 ()
1 1 35.169.131.238 ()
1 104.18.13.76 ()
2 3 23.106.127.39 ()
1 18.136.32.109 ()
1 1 88.214.206.247 ()
2 2 18.178.218.220 ()
2 2 23.15.111.217 ()
1 67.199.150.81 ()
2 2 104.254.151.68 ()
16 54.238.120.71 ()
1 1 54.146.105.203 ()
1 1 54.164.39.11 ()
1 193.122.174.27 ()
2 169.197.150.8 ()
2 2 3.1.183.6 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 1 8.43.72.97 ()
1 202.131.200.84 ()
1 1 18.138.18.111 ()
1 13.114.41.24 ()
2 2 3.1.14.27 ()
1 1 139.162.23.100 ()
1 1 35.186.193.173 ()
1 1 104.19.173.108 ()
1 195.5.165.20 ()
1 2 151.101.1.44 ()
2 2 169.45.107.147 ()
1 1 52.220.229.2 ()
1 1 34.102.253.54 ()
1 54.64.4.232 ()
485 94
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com
9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
19    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
43    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
3    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
12    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com
adservice.google.com.au
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-2610030963545689271.ampproject.net
15    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
13    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
4    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
12    52.213.181.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
ads.servenobid.com
13    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    54.255.144.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-144-233.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
4    35.72.150.84 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
20    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
2    54.192.150.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-58.sin2.r.cloudfront.net
adx.holmesmind.com
4    172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net
www.google-analytics.com
mts0.google.com
1    54.192.150.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-50.sin2.r.cloudfront.net
rules.quantcount.com
3    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
36    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
12    74.125.24.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f147.1e100.net
www.google.com
18    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
2    42.99.128.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-160.pacnet.net
qsearch-a.akamaihd.net
19    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
4    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
www.googletagservices.com
6    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
13    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    52.84.45.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-129.mrs52.r.cloudfront.net
public.servenobid.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.72.44.239 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-239.deploy.static.akamaitechnologies.com
js-sec.indexww.com
11    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
15    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
7    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    89.207.22.105 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-usadmm-ds.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
47    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
cm.g.doubleclick.net
3    104.18.35.11 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
a.c.appier.net
10    64.202.112.223 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHN, KR)
app.cauly.co.kr
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.98.67 (None, )

ASN- ()
id5-sync.com
4    142.250.219.3 (United States)

ASN15169 (GOOGLE, US)
PTR: gru14s27-in-f3.1e100.net
csi.gstatic.com
1    173.194.28.102 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s07-in-f6.1e100.net
rr1---sn-ntqe6n7k.googlevideo.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
3    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    54.192.150.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-114.sin2.r.cloudfront.net
cr-p3.ladsp.jp
4    54.192.150.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-119.sin2.r.cloudfront.net
cr-pall.ladsp.com
cr-p1.ladsp.com
1    104.19.159.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    3.115.209.30 (None, )

ASN- ()
v9999.adv.admeme.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    159.203.145.121 (None, )

ASN- ()
cs.chocolateplatform.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    104.21.41.253 (None, )

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
2    37.157.6.241 (None, )

ASN- ()
cm.adform.net
1    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
16    67.199.150.82 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
20    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
3    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
3    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
6    209.191.163.210 (None, )

ASN- ()
ap.lijit.com
ce.lijit.com
1    103.231.98.203 (None, )

ASN- ()
ow.pubmatic.com
1    54.82.201.159 (None, )

ASN- ()
pbs.aniview.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.102.194 (None, )

ASN- ()
p.adsymptotic.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    52.77.77.30 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
4    104.65.229.32 (None, )

ASN- ()
stags.bluekai.com
2    198.8.71.129 (None, )

ASN- ()
p.rfihub.com
4    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
8    74.118.186.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
4    52.76.225.46 (None, )

ASN- ()
pm.w55c.net
2    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
6    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
2    18.198.190.98 (None, )

ASN- ()
rtb.mfadsrvr.com
2    44.195.112.134 (None, )

ASN- ()
cs.emxdgt.com
3    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    52.2.211.96 (None, )

ASN- ()
fksnk.com
2    135.125.160.77 (None, )

ASN- ()
c.eu1.dyntrk.com
5    103.229.206.240 (None, )

ASN- ()
sync.mathtag.com
1    202.232.238.37 (None, )

ASN- ()
sync.fout.jp
1    104.45.178.220 (None, )

ASN- ()
mweb.ck.inmobi.com
3    23.106.127.53 (None, )

ASN- ()
ssbsync.smartadserver.com
1    3.113.229.60 (None, )

ASN- ()
g2.gumgum.com
2    54.174.20.147 (None, )

ASN- ()
x.yieldlift.com
1    34.227.131.62 (None, )

ASN- ()
ssp.disqus.com
1    35.190.60.146 (None, )

ASN- ()
id.rlcdn.com
3    52.95.125.22 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
1    35.169.131.238 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    104.18.13.76 (None, )

ASN- ()
cdn.indexww.com
3    23.106.127.39 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    18.136.32.109 (None, )

ASN- ()
match.sharethrough.com
1    88.214.206.247 (None, )

ASN- ()
cs.admanmedia.com
2    18.178.218.220 (None, )

ASN- ()
match.prod.bidr.io
2    23.15.111.217 (None, )

ASN- ()
px.owneriq.net
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
2    104.254.151.68 (None, )

ASN- ()
secure.adnxs.com
16    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
1    54.146.105.203 (None, )

ASN- ()
sync.srv.stackadapt.com
1    54.164.39.11 (None, )

ASN- ()
sync.ipredictive.com
1    193.122.174.27 (None, )

ASN- ()
sync.technoratimedia.com
2    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    3.1.183.6 (None, )

ASN- ()
ad.360yield.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    13.114.41.24 (None, )

ASN- ()
dps.jp.cinarra.com
2    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
1    139.162.23.100 (None, )

ASN- ()
gocm.c.appier.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    104.19.173.108 (None, )

ASN- ()
csync.loopme.me
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    151.101.1.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
2    169.45.107.147 (None, )

ASN- ()
um.simpli.fi
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    54.64.4.232 (None, )

ASN- ()
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
84 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com
9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 MB
70 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
582 KB
45 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 603
image2.pubmatic.com
image4.pubmatic.com
ow.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
44 KB
38 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hblg.media.net — Cisco Umbrella Rank: 1470
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
cs.media.net — Cisco Umbrella Rank: 1357
343 KB
32 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
55 KB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum.casalemedia.com — Cisco Umbrella Rank: 1324
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
19 KB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
mts0.google.com — Cisco Umbrella Rank: 4533
46 KB
20 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
135 KB
18 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
6 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
325 KB
14 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
assets.a-mo.net — Cisco Umbrella Rank: 3660
19 KB
14 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
u.openx.net — Cisco Umbrella Rank: 705
us-u.openx.net — Cisco Umbrella Rank: 399
jp-u.openx.net — Cisco Umbrella Rank: 9434
rtb.openx.net — Cisco Umbrella Rank: 1517
3 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
e3.adpushup.com — Cisco Umbrella Rank: 17352
259 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
7 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com — Cisco Umbrella Rank: 3759
8 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
7 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
secure.adnxs.com
39 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
6 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
138 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
4 KB
9 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
7 KB
7 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1937
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
4 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
1 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 1rx.io
sync.1rx.io
4 KB
6 lijit.com
ap.lijit.com
ce.lijit.com
4 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
bidder.criteo.com — Cisco Umbrella Rank: 759
dis.criteo.com
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 mathtag.com
sync.mathtag.com
3 KB
4 w55c.net
pm.w55c.net
3 KB
4 bluekai.com
stags.bluekai.com
3 KB
4 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3699
cr-p1.ladsp.com — Cisco Umbrella Rank: 16846
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
r.turn.com
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2749
pubmatic-match.dotomi.com
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
173 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
cms.quantserve.com — Cisco Umbrella Rank: 1072
11 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 everesttech.net
sync-tm.everesttech.net
884 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
1 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
3 KB
3 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2202
mweb.ck.inmobi.com
2 KB
3 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 132545
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
519 B
2 simpli.fi
um.simpli.fi
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
560 B
2 adgrx.com
cm.adgrx.com
1 KB
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
623 B
2 deepintent.com
match.deepintent.com
83 B
2 owneriq.net
px.owneriq.net
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 yieldlift.com
x.yieldlift.com
1 KB
2 dyntrk.com
c.eu1.dyntrk.com
1 KB
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 adsymptotic.com
p.adsymptotic.com
552 B
2 adform.net
cm.adform.net
c1.adform.net Failed
211 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5540
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15648
gocm.c.appier.net
983 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com
2 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
57 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
775 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 playground.xyz
ads.playground.xyz
464 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
737 B
1 iprom.net
core.iprom.net
279 B
1 loopme.me
csync.loopme.me
406 B
1 ctnsnet.com
ipac.ctnsnet.com
459 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ambientdsp.com
cm.ambientdsp.com
650 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 contextweb.com
bh.contextweb.com
664 B
1 technoratimedia.com
sync.technoratimedia.com
292 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 stackadapt.com
sync.srv.stackadapt.com
591 B
1 admanmedia.com
cs.admanmedia.com
538 B
1 sharethrough.com
match.sharethrough.com
280 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
377 B
1 adotmob.com
sync.adotmob.com
705 B
1 rlcdn.com
id.rlcdn.com
440 B
1 disqus.com
ssp.disqus.com
217 B
1 fout.jp
sync.fout.jp
704 B
1 fksnk.com
fksnk.com
611 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
668 B
1 aniview.com
pbs.aniview.com
472 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3877
590 B
1 adkernel.com
dsp.adkernel.com
540 B
1 chocolateplatform.com
cs.chocolateplatform.com
68 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2742
173 B
1 admeme.net
v9999.adv.admeme.net
357 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525
224 B
1 googlevideo.com
rr1---sn-ntqe6n7k.googlevideo.com — Cisco Umbrella Rank: 625769
460 KB
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2858
218 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
634 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
360 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-2610030963545689271.ampproject.net
0 linksynergy.com Failed
tags.rd.linksynergy.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 audience73.com Failed
ad.audience73.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
visitor.omnitagjs.com Failed
0 adxpremium.services Failed
rtb.adxpremium.services Failed
485 112
Domain Requested by
47 cm.g.doubleclick.net 16 redirects www.bg3.co
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
googleads.g.doubleclick.net
ssbsync.smartadserver.com
g2.gumgum.com
43 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
www.googletagservices.com
36 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
19 contextual.media.net googleads.g.doubleclick.net
cdn.adpushup.com
contextual.media.net
public.servenobid.com
eus.rubiconproject.com
ads.pubmatic.com
19 static.bg3.co www.bg3.co
16 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
16 image8.pubmatic.com 3 redirects ads.pubmatic.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 simage2.pubmatic.com 9 redirects ads.pubmatic.com
13 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
13 match.adsrvr.org 12 redirects cdn.adpushup.com
13 prebid.a-mo.net 2 redirects cdn.adpushup.com
www.bg3.co
prebid.a-mo.net
13 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
12 www.google.com 1 redirects www.bg3.co
googleads.g.doubleclick.net
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
10 b1sync.zemanta.com 10 redirects
10 pixel.rubiconproject.com 7 redirects www.bg3.co
10 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 ib.adnxs.com 4 redirects cdn.adpushup.com
acdn.adnxs.com
prebid.a-mo.net
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 ups.analytics.yahoo.com 7 redirects
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 x.bidswitch.net 5 redirects g2.gumgum.com
6 cs.media.net contextual.media.net
6 sync.1rx.io 6 redirects
6 s.amazon-adsystem.com 3 redirects eb2.3lift.com
ssum-sec.casalemedia.com
6 image2.pubmatic.com 5 redirects ads.pubmatic.com
6 e3.adpushup.com www.bg3.co
5 token.rubiconproject.com 4 redirects www.bg3.co
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 sync.mathtag.com 5 redirects
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
5 us-u.openx.net 2 redirects u.openx.net
5 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pm.w55c.net 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 stags.bluekai.com 4 redirects
4 ap.lijit.com 4 redirects
4 csi.gstatic.com www.gstatic.com
4 www.gstatic.com 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
4 www.googletagservices.com googleads.g.doubleclick.net
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 onetag-sys.com cdn.adpushup.com
www.bg3.co
public.servenobid.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 sync-tm.everesttech.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 ssum.casalemedia.com 3 redirects
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 tg.socdm.com 3 redirects
3 ad.turn.com 3 redirects
3 app.cauly.co.kr 3 redirects
3 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 fonts.googleapis.com client
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 aplogger.adpushup.com www.bg3.co
cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 cm.adgrx.com 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 px.owneriq.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 ce.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
2 c.eu1.dyntrk.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 p.rfihub.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cm.adform.net prebid.a-mo.net
public.servenobid.com
2 rtb2-useast.e-volution.ai 2 redirects
2 rtb.openx.net 2 redirects
2 cr-p1.ladsp.com 2 redirects
2 cr-pall.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 dclk-match.dotomi.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 warp.media.net googleads.g.doubleclick.net
2 qsearch-a.akamaihd.net www.bg3.co
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 pixel.quantserve.com 1 redirects www.bg3.co
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 match.sharethrough.com ssbsync.smartadserver.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 sync.adotmob.com 1 redirects
1 id.rlcdn.com 1 redirects
1 ssp.disqus.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 mweb.ck.inmobi.com 1 redirects
1 sync.fout.jp 1 redirects
1 fksnk.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
g2.gumgum.com
1 r.turn.com googleads.g.doubleclick.net
1 c.bing.com eb2.3lift.com
1 pbs.aniview.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 ssbsync-global.smartadserver.com 1 redirects
1 id.a-mx.com prebid.a-mo.net
1 dsp.adkernel.com 1 redirects
1 cs.chocolateplatform.com 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 tr.blismedia.com 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 v9999.adv.admeme.net 1 redirects
1 assets.a-mo.net prebid.a-mo.net
1 cr-p3.ladsp.jp 1 redirects
1 rr1---sn-ntqe6n7k.googlevideo.com 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 y.one.impact-ad.jp 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 s.tribalfusion.com 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 mts0.google.com 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
1 9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-2610030963545689271.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 tags.rd.linksynergy.com Failed ads.pubmatic.com
0 pool.admedo.com Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 visitor.omnitagjs.com Failed ssbsync.smartadserver.com
0 ad.audience73.com Failed googleads.g.doubleclick.net
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
0 rtb.adxpremium.services Failed cdn.adpushup.com
485 176

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-08-09 -
2022-10-18		 2 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-06-28 -
2022-09-26		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.aniview.com
Amazon		 2022-05-11 -
2023-06-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ssp.disqus.com
Amazon		 2021-12-20 -
2023-01-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 88 frames:

Primary Page: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Frame ID: 577811BADDFBEF82584AC1E48E53E8EA
Requests: 102 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A8225BEB474FDBAD5A8C7E3EF125E358
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8E02DF8425F501011ABE139C1A7B9094
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: ECEAABCF7E51047A8CF785F23FC8A2F7
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6585634F2E428A35DA8B4CD9C24BA0EA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34139360532900621213&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3168&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=89005667&ga_cid=amp--QLLC_N89LTnft_ux_yrfw&ga_hid=5667&dt=1661140261494&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&bdt=2307&dtd=464&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 0844CD86D758CABB8A6EE5B22F398352
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 050B0F790A9D89486EE74225337CCE81
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: A5661C35A37EF2676380D631CB7F4248
Requests: 8 HTTP requests in this frame

Frame: https://c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2ED968790241504D3220A5A901935477
Requests: 1 HTTP requests in this frame

Frame: https://9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0066EB38DD8C1F5D5300D13777E9A229
Requests: 1 HTTP requests in this frame

Frame: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7B6450FC05AAF5E111D18B6201BC08D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Frame ID: 283EC56632D572863417AF918DC50BE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Frame ID: 4EE0CD93A91E529C541335DA4BE87DAB
Requests: 1 HTTP requests in this frame

Frame: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B5310D6BDF7648E4D8CDF9BAC787AA04
Requests: 27 HTTP requests in this frame

Frame: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 51BF45C9DAA70D7D38D5462F8BA9FDEE
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 72F656C5D6AACBAEEDFC1C53728C663E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CrtGWKv0CY_DmO7OTssUP2YWO0Aes1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoErgFP0MXQ_J1yv15Y0TJO3eSfbfcViqPnVU0g5pFurQjU2pnylicjnZOEHWxGPY-Fi5jtb3ZumtDiZ2rPiR-GHuGKpXF_ZGXV-ThhdjawM926etJZ6xQAWmvudZ8-mrsasplGR-9SHheFBAOVjUNdI1ZmVigcRfAgmotR59TuioEmUF4NU1qY-u7V9h547kDnzTTEQDIRFJ65Jy3Yfb-1aW9GKkbzYzXj4ZqIS72OKeaABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=sd5phqRt0Rc&uach_m=[UACH]&cid=CAQSKQCsnQUxIqprJDWMNwraNuXnYXyUxglvTOZsg12bdWNmwnAMj5S808pCGAE
Frame ID: 7417725501D242307C4496F4EBF6478D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CpH3lK_0CY6rmAoWByAPWv4LoD6zX_fBktPaok-ILwI23ARABIABgpfiRgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgSuAU_QSDC0KG-DkuM3V9v4inmMjk8m1a3hiM1UHViTFv_xxqcGx3qb44aGRyGtn2sGCIDcwXfsvh7Wze176DQK35iiqGYfnTs7aeNr_EtOz_ebSUyBtXkzsAdpf5BdOTkbBLFT5k3QA84sup-Y7RIDIqRm9tpEZUIGNCJjyECJN4UgMO5kYZoNwSg-B8Pe8LHN5UyONpuFsCABtZo1tOfZBOtnQvG8KcsgihTL3Nyog4AGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=Ppe31nGDrsI&uach_m=[UACH]&cid=CAQSKQCsnQUxREYPwuFld_KidS2ExPv3vHYdftIwGGOO7bn8ZtIWnEhj0-5kGAE
Frame ID: 30006CD17C818813CE9DD214D19A1755
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD675E7CC114BE2561AD5B2294BFED5C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6BD56C8F0435862DDD53A204D86306A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 390D0AB7221CFF2AE4684143A97CFB10
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D68BAE4137D9701A575530965E6233DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E12329B4F4FD20C37F3E68E289E00622
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 15A16C128A6C5228B4A1A3504254A563
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 31377532A3F46E1C3FE503F5A4EA119F
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3B34CDBB0ECEBD54C27243896799944E
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 69410D3EA2862FCB25F4616D25B3B3C3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9FEB5FEA948C0D7541004D7D64ED66D5
Requests: 10 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 58A70D51774627952D6607FEE874259E
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661140263334
Frame ID: 575036351C3C5C748DCEDE41AC356610
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2DF90AEE6BCB773DB94668CDA2AD46F1
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 19A5E6C2B4E750B672CC906DE926E38D
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8B84CEDBD5FF42BDBBCB48EE26C1AA1
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 024004EBEF5AD17F017A6ABD82053D7E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D6E68C9921AC7E60CD2B82C7CE3CF67E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: E22D0D1761636B8709403831961EDBB2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 6239E6ACF8664CE77DBDAC484B9519E5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E237A236F4F0E08802E04FCF0203A5BE
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 3BD5E61910ABDB323A29C3CF4EC719C8
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=rkt&refUrl=&vid=11402694373041418686833446000V10&ovsid=2018808911873235956
Frame ID: 6422DBEE10BE6801FF828AD524AD6C98
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Frame ID: 7427F7DA633B44B71B1513D2A9CCB184
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 6B43179054367D451D1B4DDB2D33E911
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 63E291DE72B6DEC9C5C2E4E0D53142CF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 92318397BC5B89385917C6C8984AACED
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 3F92B624E51033C0F0783E733CC81E7E
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 60652C445EB3EF69E519AA78788074A2
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2515C10DD77710C23EA0D19D1B72BB91
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 759CD6FE66436DC039FC92644257AC71
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 13A206D778FDF9E6FAF0212F55CF041A
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: ABA99F376EB36333715C4FE1AE30367F
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: BD63CCCE02E9A2F1EBD4DE8A30B6B283
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6768BE2A13FBB947F6F86382444FA035
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD822719FC914FF90C4505EEF007B1E7
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=ade56302-fd2e-4900-81b6-9408a7a8b32f&gdpr=0&gdpr_consent=
Frame ID: 309184AE4BF3945C5AF3FC129472A5C9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent=
Frame ID: 707253186733860D513A774B8EF69797
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yZDM4OThhNi03YzVjLTQ1YTYtYmI2OC1kMzYxNjgzOTJhZDI=&gdpr=0&gdpr_consent=
Frame ID: DF1ECBDF8639B69124A76B9BB3305799
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F94460E1EB5E0BD8B11F9D9729A89467
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Frame ID: C4C56BD01854786FB3946113630FA303
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: EDC2269AD554B112ECA30E2031A4C33D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YwL9LcCo5uYAAO49YTQAAAAA
Frame ID: 4D8823A6876B86829300C81566A17607
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YwL9Lfw24S4I4MKePM2kEQAA%26261
Frame ID: 1CE7B583ADA164D0F332390A9FBE66B0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Iex7cTtV60KFF24oASJt&pi=gumgum&tc=1
Frame ID: C0C2F34F3240D9B1281F8785FA3F2FB1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 66B4C29B89511E45B6A8EB93A0DA6BC8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FBAD1F9A655ADD775C3730D7F61700A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4EF441CD0DDCE9BD9B49DA99C15A276
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Frame ID: 30F0C3A2D1ECEA4637BD592D1BA12B95
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 665AD2E70E8D3A2D1B68C97E056E20FE
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: BCE4BA5D365C05502412C616587565AF
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: D6E1E297B2BAD59620C251F4F446763D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: F5908055A34E540E405EABCCFCD10536
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wrmnmnrturg
Frame ID: 3AD2F4E0688DABDB5F08749792D9CEE6
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 4CDB2E7274A14DA403D0AE9E5104BE4F
Requests: 1 HTTP requests in this frame

Frame: https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378
Frame ID: BC0C93F599BBF39F7F0E6E1A591F0183
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3777101F-7765-4B0C-8FB5-1C30678B2C23
Frame ID: 74685D7A551F915C5F692170F1CF5F08
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 393DD03694D231842F5E755CEAACB3C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hve6EEXJAXGMeVhlLf0CYw
Frame ID: F31B1EAD92510D1240A487A3432FC012
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=0be0ff3769714862a980c188680193a4
Frame ID: 0D15F6F3275C2858C8CD4EC3B31EE4E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: A8E40287BE7FBE9C38FC1F5EBA94DF8D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: DFC05C49254BD81BB861CC48BAAA3BAE
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CC413074D5C49471EA10B15C29BB69B9
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 5976D6560CD5C053D81366F37D82AE0E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c304ba6-8c28-432b-abad-94d31487054c-tuct9fc82af&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 25AA7D427DED6AB0B547E5979EA31700
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 02E407314D163B23B852C7635F3C233F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=pba&refUrl=&vid=11402694373041418686833446000V10&ovsid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Frame ID: 4BD9E2278047EAA6875AC981B7429AB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD06FD0A7ECF8B3272A7887D4B785774
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10EE1B2E6961E82B5B2D3662B982081B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA9B1F74AE7C9061DB5D510D9DE655ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 316E00CCA6739ED63DBA7BEE881273CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

海灘驚見「半裸無頭女屍」衝上岸!遊客嚇壞報警 真相超害羞 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

485
Requests

72 %
HTTPS

0 %
IPv6

112
Domains

176
Subdomains

94
IPs

7
Countries

4012 kB
Transfer

9909 kB
Size

71
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140262001&bpp=15&bdt=1634&idt=573&shv=r20220817&mjsv=m202208180101&ptt=5&saldr=sa&correlator=2339911502484&frm=23&ife=1&pv=2&ga_vid=576828254.1661140263&ga_sid=1661140263&ga_hid=1019265380&ga_fc=0&ga_cid=amp--QLLC_N89LTnft_ux_yrfw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3816762865&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760912%2C31069050&oid=2&pvsid=1369396865685979&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.df5gn3j382rf&fsb=1&dtd=1110 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140262081&bpp=12&bdt=1693&idt=1049&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=2339911502484&frm=23&ife=1&pv=1&ga_vid=1549368744.1661140263&ga_sid=1661140263&ga_hid=1981738461&ga_fc=0&ga_cid=amp--QLLC_N89LTnft_ux_yrfw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=915729986&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763827%2C31068991&oid=2&pvsid=2744689635591038&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7firkix9bu31&btvi=1&fsb=1&dtd=1066 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 192
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 207
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 214
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1---
Request Chain 216
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
Request Chain 218
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_cver=1&google_push=AehlK4AKIBSy8ERHAnyZkNhcmuxK8rmfNUcueJ1fB4V0SvqsMCXFzYFJG6srwGDe6Rzk2wN8MW1HO1MVxlQY1irXS-KR3F6Evc5iIka7m6aH3728zVDwLTxznoTPCNzA3Zm7QBoPhdicNSjSKz47IUe1rQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5162947192df2058&is_secure=true&networkId=14000&version=1&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_cver=1&google_push=AehlK4AKIBSy8ERHAnyZkNhcmuxK8rmfNUcueJ1fB4V0SvqsMCXFzYFJG6srwGDe6Rzk2wN8MW1HO1MVxlQY1irXS-KR3F6Evc5iIka7m6aH3728zVDwLTxznoTPCNzA3Zm7QBoPhdicNSjSKz47IUe1rQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJs7nOA3j76wN0TE5oAAAAAAA&expiration=1661226669&google_cver=1&is_secure=true&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_push=AehlK4AKIBSy8ERHAnyZkNhcmuxK8rmfNUcueJ1fB4V0SvqsMCXFzYFJG6srwGDe6Rzk2wN8MW1HO1MVxlQY1irXS-KR3F6Evc5iIka7m6aH3728zVDwLTxznoTPCNzA3Zm7QBoPhdicNSjSKz47IUe1rQ
Request Chain 219
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELl3IxrP190rW4LgCkRCNdQ&google_cver=1&google_push=AehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELl3IxrP190rW4LgCkRCNdQ&google_cver=1&google_push=AehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 220
  • https://a.c.appier.net/gcm?google_gid=CAESED-eiZmx2sfxWXby-CS8xhI&google_cver=1&google_push=AehlK4CDuxTix2vtkexcVQG7HV24mfSdHHS2VmFc_0VYGI7hhqA2gIKme4DsEVtPyEB4WKNDxeiseuh2ZbJpq73rZNSPO-fOYn9bhaoqnm1zdD5ND9r7HRyjZUT9QTviubHIG869ws4NSEX-I8TZCMNXjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aHZlNkVFWEpBWEdNZVZobExmMENZdw%3D%3D&google_push=AehlK4CDuxTix2vtkexcVQG7HV24mfSdHHS2VmFc_0VYGI7hhqA2gIKme4DsEVtPyEB4WKNDxeiseuh2ZbJpq73rZNSPO-fOYn9bhaoqnm1zdD5ND9r7HRyjZUT9QTviubHIG869ws4NSEX-I8TZCMNXjw
Request Chain 221
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDv0LKv29WFqfz-5AeaENzI&google_cver=1&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3Gnl_2BN_DF_z_OFRzULqVlnhuJrNq5uE2bgHiYRN5f1f-46AL5OBRlUlaYZ7czWTfh39JA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDv0LKv29WFqfz-5AeaENzI&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3Gnl_2BN_DF_z_OFRzULqVlnhuJrNq5uE2bgHiYRN5f1f-46AL5OBRlUlaYZ7czWTfh39JA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3Gnl_2BN_DF_z_OFRzULqVlnhuJrNq5uE2bgHiYRN5f1f-46AL5OBRlUlaYZ7czWTfh39JA&google_hm=UlVEUHF5a2dQcVB1ZG9oRmF6Z1M=
Request Chain 222
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEC_rVkCS1vKZBw6x1ICNUeQ&google_cver=1&google_push=AehlK4AoSJZO5yA82LwmeiMDcQ6jgFSbWpeAn--15YQpbMIfN_pit8rhODkrvMvWP65zgh-NBA7lMVRsX9q6pAQq1wgSQvviYOr2Q0v2hIFIcdGJ3eROLDpQ-aLhKvamuFtr5qZC6zoOxf56ZmsMmlDY9ng HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AoSJZO5yA82LwmeiMDcQ6jgFSbWpeAn--15YQpbMIfN_pit8rhODkrvMvWP65zgh-NBA7lMVRsX9q6pAQq1wgSQvviYOr2Q0v2hIFIcdGJ3eROLDpQ-aLhKvamuFtr5qZC6zoOxf56ZmsMmlDY9ng
Request Chain 224
  • https://sync.inmobi.com/gob?google_gid=CAESEI_ZzhxKfnEsG4JZJ8WFaow&google_cver=1&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMdc1UsgVLpMlypj_PndC2QmbNdC1ffaDXguMw6C0ElPkcZv2gnmhuU HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMdc1UsgVLpMlypj_PndC2QmbNdC1ffaDXguMw6C0ElPkcZv2gnmhuU&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMO16WAmY72hN5ygbAc1TU2glnCyRPy5AbBP82OZw&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMdc1UsgVLpMlypj_PndC2QmbNdC1ffaDXguMw6C0ElPkcZv2gnmhuU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=oxcyRwsggeh-5WA1Vd5c&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMdc1UsgVLpMlypj_PndC2QmbNdC1ffaDXguMw6C0ElPkcZv2gnmhuU
Request Chain 236
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8146108124303731378&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 237
  • https://match.adsrvr.org/track/cmf/openx?oxid=4640c6ad-7b04-7dc6-f38e-be5f7224a97e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a600e4e-96d4-4f57-a4f7-77818b1f684d&ttd_puid=4640c6ad-7b04-7dc6-f38e-be5f7224a97e&gdpr=0&gdpr_consent=
Request Chain 238
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwL9LcCo5uYAAO49YMUAAAAA
Request Chain 239
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5AiHJOugsNks8ADsaW3ae-Js8AAAGCw6z7WA
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFXbfy5rcz-JFw6t6YkYXg4&google_cver=1
Request Chain 247
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDhBKVIPMqFQL7rncowZWuY&google_cver=1&google_push=AehlK4BbJvk5XzhUg9MEHVJSCOhAiAM31km-NvDNAmSh4PqfxXRP1-MT54UN2yTc4TWqMzGykgbIm6vKAcosGHiwgB6PscbLfnkpKgjpPBtjwYX9PfJKn0O2bbnlqkyaiVIzT2oFPyaWqlHVUvTfXBhdCQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4BbJvk5XzhUg9MEHVJSCOhAiAM31km-NvDNAmSh4PqfxXRP1-MT54UN2yTc4TWqMzGykgbIm6vKAcosGHiwgB6PscbLfnkpKgjpPBtjwYX9PfJKn0O2bbnlqkyaiVIzT2oFPyaWqlHVUvTfXBhdCQ
Request Chain 248
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKMELUrEljXhrv_1wEt4&google_gid=CAESENoAP63tp-br75GkOE5hvXk&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKMELUrEljXhrv_1wEt4&google_gid=CAESENoAP63tp-br75GkOE5hvXk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKMELUrEljXhrv_1wEt4&google_hm=Ac1hqY8psvW7ks8ADsd_skkqFsA
Request Chain 250
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMbUOWsjBuRGmikmYrVGcIY&google_cver=1&google_push=AehlK4DSgCNcdYmC0b3jnp5yY9cesuxox9JwpNilQb_NYLHyM1QDwZPJhZOtvFllUn067JQsxodx8Uz0ClIsita6mDH6WlKms7CR7lGMfhBGfcdsB4BsPUdfsIhcZcfEhR03LcY6ymYtC7gpwU9Vo6giAdI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DSgCNcdYmC0b3jnp5yY9cesuxox9JwpNilQb_NYLHyM1QDwZPJhZOtvFllUn067JQsxodx8Uz0ClIsita6mDH6WlKms7CR7lGMfhBGfcdsB4BsPUdfsIhcZcfEhR03LcY6ymYtC7gpwU9Vo6giAdI&google_hm=mRZMkdKCxOgV-vLooT2TxA==
Request Chain 251
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEC_rVkCS1vKZBw6x1ICNUeQ&google_cver=1&google_push=AehlK4BVfd3Ad3353GrKLkTcLi2KIabWn87TNHc-ThEAj7kMqIeerrLyMc7BwgeT4HYyl4w3hiBTvHVzSNh-cHJ-75ONXXO8UKWqVdgeB17vWsiwt5L4raOVI3Gl196HQyxyAk31JvqnhlyTFQCkTkXhlys HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4BVfd3Ad3353GrKLkTcLi2KIabWn87TNHc-ThEAj7kMqIeerrLyMc7BwgeT4HYyl4w3hiBTvHVzSNh-cHJ-75ONXXO8UKWqVdgeB17vWsiwt5L4raOVI3Gl196HQyxyAk31JvqnhlyTFQCkTkXhlys
Request Chain 253
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECw3qFutKKeefxlQVbOq18s&google_cver=1&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qzIw_80zs__LBNUgek4QD4KjIqyCfcmmLWcVB5GCYt4BVsPnDsAK3J_KMCb3sxEMjYGXnRFulmN9A HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESECw3qFutKKeefxlQVbOq18s%26google_cver%3D1%26google_push%3DAehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qzIw_80zs__LBNUgek4QD4KjIqyCfcmmLWcVB5GCYt4BVsPnDsAK3J_KMCb3sxEMjYGXnRFulmN9A HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A5235469453863541908&exchange=193&google_gid=CAESECw3qFutKKeefxlQVbOq18s&google_cver=1&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qzIw_80zs__LBNUgek4QD4KjIqyCfcmmLWcVB5GCYt4BVsPnDsAK3J_KMCb3sxEMjYGXnRFulmN9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUyMzU0Njk0NTM4NjM1NDE5MDg&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qzIw_80zs__LBNUgek4QD4KjIqyCfcmmLWcVB5GCYt4BVsPnDsAK3J_KMCb3sxEMjYGXnRFulmN9A
Request Chain 264
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
Request Chain 266
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0
Request Chain 268
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=smartadserver&uid=3775013826742675334
Request Chain 269
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc3NzEwMUYtNzc2NS00QjBDLThGQjUtMUMzMDY3OEIyQzIz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dpubmatic%26uid%3D3777101F-7765-4B0C-8FB5-1C30678B2C23 HTTP 302
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=pubmatic&uid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Request Chain 270
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=index_rtb&uid=YwL9Lfw24S4I4MKePM2kEQAA%26261
Request Chain 271
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=sovrn&uid=FL7nELZHx1aT96D3TVamStyy
Request Chain 272
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=appnexus&uid=743498007902742434
Request Chain 277
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0a600e4e-96d4-4f57-a4f7-77818b1f684d&dongle=0cfd
Request Chain 278
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjIwMjg1MDU3OTEzMzk4NzEyMQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECQjX9_mK1BRmB6gVA1qm94&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 280
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjIwMjg1MDU3OTEzMzk4NzEyMQ%3D%3D
Request Chain 281
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6202850579133987121&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6202850579133987121&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=92782178-f6df-422b-8aa9-18da9346a5d4&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=92782178-f6df-422b-8aa9-18da9346a5d4&_noobservation=1&_expected_cookie=90b59c06050d1de568498ed9d6269078
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=6202850579133987121&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=6202850579133987121&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf841d67-8696-44ac-9943-2f52cda65d01&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ff6545ae-426f-4d00-9b6d-b32eae13e378&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 284
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/6202850579133987121?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-4MgSoKFE2oSxRzgeNwthU0ViP_bWMBNz.ooFvo.gBQ--~A&dongle=0883
Request Chain 285
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=6202850579133987121 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=6202850579133987121&dcc=t
Request Chain 286
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ow3MlYN6133EmVaHRa-Q&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N53TGTLMLFHDMMJTGNCW2VTBJBJGCLKR&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N53TGTLMLFHDMMJTGNCW2VTBJBJGCLKR HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ow3MlYN6133EmVaHRa-Q
Request Chain 295
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 296
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Drkt%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=rkt&refUrl=&vid=11402694373041418686833446000V10&ovsid=2018808911873235956
Request Chain 298
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dapx%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=apx&refUrl=&vid=11402694373041418686833446000V10&ovsid=743498007902742434
Request Chain 299
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dopx%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=opx&refUrl=&vid=11402694373041418686833446000V10&ovsid=8e6caf32-d004-4726-90c1-c031c0cb3ba2
Request Chain 300
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D%5BRX_UUID%5D&cb=1661140269961 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=669392078 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0a600e4e-96d4-4f57-a4f7-77818b1f684d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DRX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0MTQxODY4NjgzMzQ0NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
Request Chain 302
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=dxu&refUrl=&vid=11402694373041418686833446000V10&ovsid=xraEYFtU1OpYt05
Request Chain 303
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=db2de2ca-e437-4e0f-a676-6495489bc2cf
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378&google_hm=ZmY2NTQ1YWUtNDI2Zi00ZDAwLTliNmQtYjMyZWFlMTNlMzc4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDnMk2MEjwhI497kKFcoGi8&google_cver=1&ssp=medianet&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 305
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dzem%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=sQya3yDPV94ektUWEjY_&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLTKF4WCM3ZIRIFMOJUMVVXIVKXIVVFSXZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTCNBQGI3DSNBTG4ZTANBRGQYTQNRYGY4DGMZUGQ3DAMBQKYYTAJTWONUWIPJTGA2DCNBRHA3DQNRYGMZTINBWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLTKF4WCM3ZIRIFMOJUMVVXIVKXIVVFSXZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTCNBQGI3DSNBTG4ZTANBRGQYTQNRYGY4DGMZUGQ3DAMBQKYYTAJTWONUWIPJTGA2DCNBRHA3DQNRYGMZTINBWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=sQya3yDPV94ektUWEjY_&refUrl=&type=zem&vid=11402694373041418686833446000V10&vsid=3041418686833446000V10
Request Chain 306
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3041418686833446000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3041418686833446000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3d16715a-567b-45dd-b28a-30f7f5638b6d&cs=1
Request Chain 308
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Request Chain 310
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGQDQTw1pdLQJ5iTzjfKCeA&google_cver=1&google_push=AehlK4CxmXmtnLBiQojwbSmMhxAtanZkj6f72WSAdQeHELnzvUsJQ78fMhC9130o4bxPRn3yXT55u6ssi4pfcLody7rZyGUyz0T7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE5NzIxNjE4MzI4ODYwNTM2Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxGZjGRSaZDPTuULeheD70&google_cver=1
Request Chain 312
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEBifjLJK98l-y6fAew4E-I&google_cver=1&google_push=AehlK4Bkb1Bq04fl_p_yrsrzv7qbvyxGP8Xo_i9hLjLTvK8FHbS5HKP3b5hTJHV1YxexaYmdZTIZcMTcTHx6QAQOqQVKH8f9OWyXww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBifjLJK98l-y6fAew4E-I&google_push=AehlK4Bkb1Bq04fl_p_yrsrzv7qbvyxGP8Xo_i9hLjLTvK8FHbS5HKP3b5hTJHV1YxexaYmdZTIZcMTcTHx6QAQOqQVKH8f9OWyXww
Request Chain 313
  • https://fksnk.com/cs/google?google_gid=CAESEAJpP3L3NaLdj-Y7g4nqfHg&google_cver=1&google_push=AehlK4BwibYT-cw7YMTLEy21rjjbJ21SAuH3Qe1nWvgFKSfH9ienp3ngd3dhpLuomPMRrlDqOwkqPVpGqypI411kWRduWHic6xYnxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDk1REI3OTZDMEE5NDQ1OA==
Request Chain 314
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENX54z6DjN43fge-_npYpZQ&google_cver=1&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNBRYEC9MvdyUANt79RohYg HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENX54z6DjN43fge-_npYpZQ&google_cver=1&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNBRYEC9MvdyUANt79RohYg&prevuid=05030001_6302fd2e9a305&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNBRYEC9MvdyUANt79RohYg&google_hm=MDUwMzAwMDFfNjMwMmZkMmU5YTMwNQ%3D%3D
Request Chain 316
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECf8F_hLnzM1WrHCCQoK5TA&google_cver=1&google_push=AehlK4BqZPp7FwaTplsiBcWnm6Lya4Px3-gbe7ZfJXHD01xPW3dcIxre4LzuVT3x9M2dFQSNKGAjwjczFniixAWC1yxPVF3PXVNFPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==&google_push=AehlK4BqZPp7FwaTplsiBcWnm6Lya4Px3-gbe7ZfJXHD01xPW3dcIxre4LzuVT3x9M2dFQSNKGAjwjczFniixAWC1yxPVF3PXVNFPg
Request Chain 320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MTQxODY5NjgzMzQ2OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
Request Chain 322
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEDrFxNd3Klm2WPg_pZOCVg&google_cver=1&google_push=AehlK4DR8cUuRCMaDDcU6y1LmBBw4vz_-UVdohHkJYs1_ZSLc6Cbt8vVrY-Su7fxoH7Uf8wBs9rzWkEKiGG0kNuy4lrh3_hNYOTpatvrZK_x3oHEpkmZheqSrnOUheHz5k4lJP3y0ngBx0E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DR8cUuRCMaDDcU6y1LmBBw4vz_-UVdohHkJYs1_ZSLc6Cbt8vVrY-Su7fxoH7Uf8wBs9rzWkEKiGG0kNuy4lrh3_hNYOTpatvrZK_x3oHEpkmZheqSrnOUheHz5k4lJP3y0ngBx0E
Request Chain 323
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEEN4qjJPNchR0Zyx0Pyw1mA&google_cver=1&google_push=AehlK4BSWVjtX6b10LbV8YLU221BSLmMETvHC3ul3tbG_wcQzVJBzT7LOwjJrKc6SFzNcfiT1JUD5ln4ZxG4gupYIbogRAyDQD0xBFgV3_aIQwNgBFwlCPu3xwKv6b6bykHdFG5VQPzmO30 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4BSWVjtX6b10LbV8YLU221BSLmMETvHC3ul3tbG_wcQzVJBzT7LOwjJrKc6SFzNcfiT1JUD5ln4ZxG4gupYIbogRAyDQD0xBFgV3_aIQwNgBFwlCPu3xwKv6b6bykHdFG5VQPzmO30&google_hm=d1RtY29oYXZoc1c3QTNhcS14WVM1SFJoS2lR&from_google=pc1
Request Chain 324
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELNc4LBQmEcCfnmyKZvFKtk&google_cver=1&google_push=AehlK4BBsXT_XWhASG3_WWlx2vecxsZ2_nQm_eOy7SimX24vf1ZpcXbzgt2KoHnJ0NjIOdyW_WXRiymoVXWSiaUxZ4RyR9iTXxRbn0UbjbBlLmwR8v48sjayAzUNUK3rl4-A0ImWCSGxdDI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDA2ZjQ3ZTQtNDdmOS00MmU3LWJiMjgtZmM5MWM5MmUyMWIw&google_gid=CAESELNc4LBQmEcCfnmyKZvFKtk&google_cver=1&google_push=AehlK4BBsXT_XWhASG3_WWlx2vecxsZ2_nQm_eOy7SimX24vf1ZpcXbzgt2KoHnJ0NjIOdyW_WXRiymoVXWSiaUxZ4RyR9iTXxRbn0UbjbBlLmwR8v48sjayAzUNUK3rl4-A0ImWCSGxdDI
Request Chain 325
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDskhYMxTHYa-rVIcmcYXcg&google_cver=1&google_push=AehlK4AxpTOJOLDlP7VN6iRbxXD420NPptytbKAj45s0pNZW9n3f76XE2362FQ03J6Qdbm-NklWs7jcZCA_EF1ZD0hckStf0w_KFGNur0Y8NlqrZvjGJqhm63v7RfQZGyaoAT8fBKFZJqu8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AxpTOJOLDlP7VN6iRbxXD420NPptytbKAj45s0pNZW9n3f76XE2362FQ03J6Qdbm-NklWs7jcZCA_EF1ZD0hckStf0w_KFGNur0Y8NlqrZvjGJqhm63v7RfQZGyaoAT8fBKFZJqu8&google_hm=mRZMkdKCxOgV-vLooT2TxA==
Request Chain 326
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEF_tCdwCjDZR_S1_8LaDaso&google_cver=1&google_push=AehlK4AdFk_SqNmwbbJ0SypqhVRpLOrLka7V-F7F9Mx8Qzu7ekHZqS5UemI5TgzTJ2bhlzt1upzTspRiXWoqZiXLKxwFaeBAapYV4p5bQb9wzSoScpeAfHnJXEOqrscioWZJx-M6rehJQjg HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AdFk_SqNmwbbJ0SypqhVRpLOrLka7V-F7F9Mx8Qzu7ekHZqS5UemI5TgzTJ2bhlzt1upzTspRiXWoqZiXLKxwFaeBAapYV4p5bQb9wzSoScpeAfHnJXEOqrscioWZJx-M6rehJQjg
Request Chain 327
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJpzvSHP-ll6_n8dj8fIzNM&google_cver=1&google_push=AehlK4DbdhjvDlR5PPC2f-1arMLyZM_Hwfv_Zli7_MfCAcUcTepZvkTpAdmlbvNKOPZCfdxI0i94-iMyDkdb8lOjbez4KiUvHInIkgjlSFZOdOlJTjpTnS7PRLCqc-rMqvkTeh89CSqhUUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DbdhjvDlR5PPC2f-1arMLyZM_Hwfv_Zli7_MfCAcUcTepZvkTpAdmlbvNKOPZCfdxI0i94-iMyDkdb8lOjbez4KiUvHInIkgjlSFZOdOlJTjpTnS7PRLCqc-rMqvkTeh89CSqhUUw&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng%3D%3D
Request Chain 328
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEcHUAOHzWYZGUPpeik_xu4&google_cver=1&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBXK_RNpwfo63ZezY090iGbhRaHDe-gz0giuKHHXMIac5KDgnPLneAe3Z8hOKNO4WPLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBXK_RNpwfo63ZezY090iGbhRaHDe-gz0giuKHHXMIac5KDgnPLneAe3Z8hOKNO4WPLg&google_hm=WXdMOUxjQ281dVlBQU80OVlUUUFBQUFB
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MTQxODY5NjgzMzQ2OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
Request Chain 333
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1YN-
Request Chain 342
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=743498007902742434
Request Chain 343
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FL7nERZHRGZKQrQKRBGHvI1c
Request Chain 344
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FL7nELZHw7UJ2wN3SvmlBBmc
Request Chain 345
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZWFkOGYxOTktNDE1Zi00MThkLTgxZjYtNjE2MTU5ZDBmNDI2IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMlQwMzo1MToxMC45MjgwODVaIn0=
Request Chain 346
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661140269962 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5779072630 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0a600e4e-96d4-4f57-a4f7-77818b1f684d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DRX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
Request Chain 347
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1920574144146992952
Request Chain 348
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=e9bf7a9c-6383-4c34-8e35-06c74d088111
Request Chain 349
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F331%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/331?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=YwL9Lfw24S4I4MKePM2kEQAA%26261 HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F331%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
Request Chain 353
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a600e4e-96d4-4f57-a4f7-77818b1f684d&gdpr=0&gdpr_consent=&expires=30
Request Chain 354
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uG8P7pNeSHPoAVBRo1aCfsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2488849446806238951
Request Chain 355
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI1YjY1OGMxNzc5ZTJjZTg2ZmZhMDBjMmQwOTk5NjA2ZTFlMzA2NQ
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPHlLEl9nmuyMXqsaXV4hBw&google_cver=1
Request Chain 357
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==
Request Chain 358
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7480UET-18-BG0B
Request Chain 359
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 360
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uBksZwFRT5OON-sauWS4Rw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uBksZwFRT5OON-sauWS4Rw
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
Request Chain 376
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
Request Chain 377
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwL9Lfw24S4I4MKePM2kEQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
Request Chain 378
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
Request Chain 379
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
Request Chain 380
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080b22040766854161166544&expiration=[EXPIRATION]
Request Chain 381
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a526302-fd2e-4a00-91d4-f8a0faba426f
Request Chain 382
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8d87488b-238f-4cef-91af-47e27e7ece1a&expiration=1692676271
Request Chain 386
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6816134479454627646&gdpr=0&gdpr_consent=
Request Chain 387
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=15783f8e5de7c519122148bf1c3d0f966862c442&gdpr=0&gdpr_consent=
Request Chain 388
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng==&gdpr=0&gdpr_consent=
Request Chain 389
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
Request Chain 390
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
Request Chain 392
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwL9Lfw24S4I4MKePM2kEQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
Request Chain 393
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD5Fk7GBfoAABASpwHsrw&expiration=1662349871
Request Chain 394
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=RUDPqykgPqPudohFazgS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2USVIRIHC6LLM5IHCUDVMRXWQRTBPJTVG HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2USVIRIHC6LLM5IHCUDVMRXWQRTBPJTVG HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=RUDPqykgPqPudohFazgS
Request Chain 395
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xraEYFtU1OpYt05
Request Chain 396
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7144266711334741122&uid=Q7144266711334741122&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7144266711334741122
Request Chain 409
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=743498007902742434
Request Chain 411
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28oXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_2d3898a6-7c5c-45a6-bb68-d36168392ad2&obuid=ENC(oXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DoXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt
Request Chain 412
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b17d62dd-5311-4590-94f5-aeb2ba74a838
Request Chain 413
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f5dd8de1-fc33-4d32-49ef-4d59fe7fc6b7$ip$173.245.209.142
Request Chain 414
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-OxUwPMhE2pe0ZPcpr6JqOmppNkLHqP0xDiUt~A
Request Chain 415
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=eb17feaf-c124-44c4-9a97-3572bdcc5d63
Request Chain 418
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_2d3898a6-7c5c-45a6-bb68-d36168392ad2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=RUDPqykgPqPudohFazgS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USVIRIHC6LLM5IHCUDVMRXWQRTBPJTVGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USVIRIHC6LLM5IHCUDVMRXWQRTBPJTVGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RUDPqykgPqPudohFazgS&us_privacy=1---
Request Chain 419
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=aa77fb1f-820b-49ef-bd60-dafebd8e21f9
Request Chain 420
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004&rndcb=3276895532 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b757c3aa-bc9c-4905-b1e8-3e6e1215d4dc&expires=1&user_group=5&ssp=adconductor&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378
Request Chain 421
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=eTo29C6La86X&ev=1&pid=558355
Request Chain 422
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6816134479454627646
Request Chain 424
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=ade56302-fd2e-4900-81b6-9408a7a8b32f&gdpr=0&gdpr_consent=
Request Chain 425
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent=
Request Chain 428
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Request Chain 430
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YwL9LcCo5uYAAO49YTQAAAAA
Request Chain 431
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YwL9Lfw24S4I4MKePM2kEQAA%26261
Request Chain 432
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Iex7cTtV60KFF24oASJt&pi=gumgum&tc=1
Request Chain 433
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 442
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L7480UET-18-BG0B HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L7480UET-18-BG0B
Request Chain 444
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L7480UET-18-BG0B HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7480UET-18-BG0B
Request Chain 445
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3777101F-7765-4B0C-8FB5-1C30678B2C23 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Request Chain 446
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a526302-fd2e-4a00-91d4-f8a0faba426f&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 449
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 450
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wrmnmnrturg
Request Chain 451
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:xraEYFtU1OpYt05&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 452
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004&rndcb=1709143089 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378
Request Chain 454
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a9a93a8a-21cd-11ed-82d0-b1eae87d11f8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 455
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hve6EEXJAXGMeVhlLf0CYw
Request Chain 456
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=0be0ff3769714862a980c188680193a4
Request Chain 457
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 461
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c304ba6-8c28-432b-abad-94d31487054c-tuct9fc82af&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 462
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E021DABD8BD74A878C3186B77A86F3C2 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N3cQH3dlSwyPtRwwZ4ssIw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 465
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3777101F-7765-4B0C-8FB5-1C30678B2C23 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=40264f97c37ade9d1f33f3a2ab11413d862159bef9941fff3329a811be860412791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MDI2NGY5N2MzN2FkZTlkMWYzM2YzYTJhYjExNDEzZDg2MjE1OWJlZjk5NDFmZmYzMzI5YTgxMWJlODYwNDEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIr_qLmAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MDI2NGY5N2MzN2FkZTlkMWYzM2YzYTJhYjExNDEzZDg2MjE1OWJlZjk5NDFmZmYzMzI5YTgxMWJlODYwNDEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIr_qLmAYSBAgCEABCAEoA&google_gid=CAESEJEs8y-JZRbt2wrRPruErO0&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Request Chain 466
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3a526302-fd2e-4a00-91d4-f8a0faba426f
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFzOAfCxAAJIjRJGUjbrhfc&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 468
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:42C8EC6DBB384582B75D15A1CBB036AC HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 470
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0a600e4e-96d4-4f57-a4f7-77818b1f684d HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 471
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=743498007902742434&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 472
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uimxgup-s4ihK7LV6Cmshb4i4NahL-OGui9O7oK_ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 473
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=433&user_id=1g65rrddzq5d&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 474
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3777101F-7765-4B0C-8FB5-1C30678B2C23&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n6XWatVE2uXsU7pMvLzk.ExuhEi2ruM-~A&gdpr=0&gdpr_consent=
Request Chain 475
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Request Chain 476
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3197216183288605362&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 477
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=64342b9d91932045&is_secure=true&networkId=17100&version=1&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALduuhvPwOcwNuC_AAAAAAAAA&expiration=1661226671&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 478
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=743498007902742434 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 492
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L7480UET-18-BG0B HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L7480UET-18-BG0B

485 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
www.bg3.co/a/ 		52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5c9d0358c8ebee35ba7f6eede940efb4172460a76ed1838fdbe23ebc9f73a780

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Aug 2022 03:50:58 GMT
ETag
"ce7e-YTU7cE+boin9Ctjq+GkriN1RzXY"
Expires
Mon, 22 Aug 2022 04:50:58 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 03:50:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 22 Aug 2022 03:50:59 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 03:51:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 22 Aug 2022 03:51:02 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 03:50:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 22 Aug 2022 03:50:59 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 03:51:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 22 Aug 2022 03:51:02 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcFeN3VKv6ypKSQi94S3weQLYV%2FDW4LEpKnMuDVwglujEwHJtq2Xfg2s85CREt995Xs748lS4q9CUiak2CNfpOSRUgAwvzRyYK14VUTcXQxKzmtCjIhkPchuU1vFA03hvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73e8a5c2da01aaf5-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:50:59 GMT
content-encoding
br
last-modified
Sun, 21 Aug 2022 07:00:09 GMT
server
nginx/1.18.0
etag
W/"6301d7f9-8ea7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
9533
expires
Mon, 22 Aug 2022 04:50:59 GMT
adpushup.js
cdn.adpushup.com/42753/ 		513 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 22 Aug 2022 03:50:59 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 10:07:01 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
120666
expires
Mon, 22 Aug 2022 04:50:59 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:00 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661140260.dop203.la3.t,1661140260.cds215.la3.hn,1661140260.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
b737c3e8b6cf0eb771256b6b0a387e0d.jpg
static.bg3.co/imgs/202111/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/b737c3e8b6cf0eb771256b6b0a387e0d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887fc46f3b4b9f5b4976c9eb04622c1c1fefccffb52ea9011afde8a175df5af5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 06:29:44 GMT
server
cloudflare
etag
"B737C3E8B6CF0EB771256B6B0A387E0D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjNqUxbySr0TOIuuukD0ThMhp80G9jMxQ0DnLlNxGJrEqRQ9tqDhsLqbWQ1Eu8rWaMm9PbADO532RWVn%2FJJQVlclm1W7CNXl0SpPCNhoFavONZb4GaW%2Bc5aeQcHEcpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46caaa943-SYD
content-length
8286
expires
Mon, 29 Aug 2022 03:51:01 GMT
6f369c55e78d446bee393d2cbdd0a702.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6f369c55e78d446bee393d2cbdd0a702.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a98a520d51adb642123bc61ed5da6c39eca72b1d48d286948b9865db9c7f5044

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 04:14:50 GMT
server
cloudflare
etag
"6F369C55E78D446BEE393D2CBDD0A702"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9hgAhznMwDjQxeCcge6M1jGliMZ4qpQnrtnLABK3eMto57B2Mh6tUpgZBjWz3qLGp6m1edQpUULF%2B5VYD2%2B6wcoJ9aOxwiJcq7PgEeZYqWQDdPRYxuYvRoo7NHpC3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46caba943-SYD
content-length
4259
expires
Mon, 29 Aug 2022 03:51:00 GMT
1c8b85796c9e28365ecdffdac5a3dea5.jpg
static.bg3.co/imgs/202202/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/1c8b85796c9e28365ecdffdac5a3dea5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f07801cc1c660edd15eb7528fae7d8ce94244c80a29e81da1ae04669b84e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Feb 2022 10:32:36 GMT
server
cloudflare
etag
"1C8B85796C9E28365ECDFFDAC5A3DEA5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjS3b1zm2XANTofRylDd%2FkFpeUG0M3Jka8PGEwFdl0z98tiJ4dWeLCvp%2FjMJIS8i2VRvUUTiWwSQWpnlghU97WG3OC3SsuDs5KaqfnR3hFUB0RdnhHPvleH2j380qSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c50d56a943-SYD
content-length
2043
expires
Mon, 29 Aug 2022 03:51:01 GMT
9cedb2540835c0140178bbb6cdb8bffc.jpg
static.bg3.co/imgs/202106/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9cedb2540835c0140178bbb6cdb8bffc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a1855fc9973ebd70d89e8598df49ad2b4515e72e3eb157add2727f06cd9dd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 10:33:34 GMT
server
cloudflare
etag
"9CEDB2540835C0140178BBB6CDB8BFFC"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDCi38MMdChMLi5WOnJWo0jGVBs9AOuFcrt8FskXNEOumBtd8Ztg%2FYVxBmFr2Aylc%2Fd9E8wxoYCeqZyMIN%2FSZiFkB0fJd0JXvRaejgJvLxpoDbEM%2FqRJt4LWJxvWxro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46cada943-SYD
content-length
2420
expires
Mon, 29 Aug 2022 03:51:00 GMT
f8a68d9107e3586e6627ed755a861fec.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f8a68d9107e3586e6627ed755a861fec.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5658d2f4a61c3d6ea2b10b42f1503899eb68d0a2551d37ae41cecf530f32ed45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 17:30:26 GMT
server
cloudflare
etag
"F8A68D9107E3586E6627ED755A861FEC"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iSTLCgd9U%2Bs8XOtoLEKquQK3S%2FcBuzp1RP7uWS%2BUWX3s7o8XHI66pI%2Bto8IjK9eL0cwH9MOwkCqGmlwYxognce2t88v0B%2BCxpkz2RXMBcMoUbovMEMadXyq1d3Dtoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46cafa943-SYD
content-length
8874
expires
Mon, 29 Aug 2022 03:51:01 GMT
6aa20f5f48814856a39af212cc79e202.jpg
static.bg3.co/imgs/202106/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6aa20f5f48814856a39af212cc79e202.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52147dd3104e8f66d771bdfee1be4e1c0bcdd2d8d82f4c9f26285bfbbe1d2d39

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 00:19:22 GMT
server
cloudflare
etag
"6AA20F5F48814856A39AF212CC79E202"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu6zQ8k3naGIoF2s6Wb%2FBumf9576zhNSBUzQy%2FQteAmLQ9BCtSl3yipWchrMRNHzciSoFBu%2BR7ckuFB2O1fbhmCIVNdds5XOz9XpAX0MxHpPASAP7FYzcMz%2FWmqYsiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46ca9a943-SYD
content-length
4544
expires
Mon, 29 Aug 2022 03:51:00 GMT
e3e204e2df568d21342c8ac944491b75.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e3e204e2df568d21342c8ac944491b75.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597d97e1b73655fc8ab70cb95344b5878ab8142c1f5353cf9427deee83ff35dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 18:43:28 GMT
server
cloudflare
etag
"E3E204E2DF568D21342C8AC944491B75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jGs7xNZTOLnXVl2LUFDQfqug4UwPm4srUi59RN8zQcqyw1gT5E93Mdaewf8ARMeiLvTQntF4LhrnBcFPOUKiO74PZPyGM0JiP2zus9gFESY84xaoAa33%2FW0QPL%2FClQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46ca5a943-SYD
content-length
3430
expires
Mon, 29 Aug 2022 03:51:00 GMT
0f7cf71ddd91c6cbd05803b4f65e950e.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/0f7cf71ddd91c6cbd05803b4f65e950e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117b1f9ce8440b0896d528a4172bfa4d94616993534f5b9cb277b0eea4c50c43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 18:25:44 GMT
server
cloudflare
etag
"0F7CF71DDD91C6CBD05803B4F65E950E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ysn1NeZ8BXmZeS1L%2F4%2BKBSchC7%2FBT1HfWFrbi9B2gD7ic0%2FRsVXBb90y%2FOnneVPeqRvRfWTiyadyOrvVJV0TUKg3tr3XbkoyPIo%2B1j9CqXdNrvpp1j8gNslA4QDP1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46ca8a943-SYD
content-length
7774
expires
Mon, 29 Aug 2022 03:51:00 GMT
6c94e2c3d9722fd963fa1c932ee4fe38.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6c94e2c3d9722fd963fa1c932ee4fe38.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb2d96ed6f3ffb08ba686606bb2f27865ec19eadb376d359e4bfffb267d20cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 02:37:01 GMT
server
cloudflare
etag
"6C94E2C3D9722FD963FA1C932EE4FE38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KujIWiGc%2FCP%2B7IvXYFSSvcHfZIkT%2B0y5WQ5ojQl6WQEcSoxXxci760iti0IkKBJQY9jWF673rA0jSMNeeDuRnM3Q5a23rmu3aPGEjEGqyu9aOZXOkQI6mZxQLCAj0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c46ca7a943-SYD
content-length
9052
expires
Mon, 29 Aug 2022 03:51:00 GMT
657272f8dc2a21dcd929f210eb431f6f.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/657272f8dc2a21dcd929f210eb431f6f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705fb8ab56fbf24a043e6d91c0a24284a4a3c6fff2011ec5e51c4cabfb872923

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 21:51:33 GMT
server
cloudflare
etag
"657272F8DC2A21DCD929F210EB431F6F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1iRE1Yc%2FIGy1PMgO4DKt7icAAieiOJj%2BGVvRHyPw6xmaGQEnWccoXE4I7iCRIBHX0HH5%2BXwjwlf95gGOpx6eYZMLbO9mqLuD5C96ErM4NBUJatXBc4vuTm%2BG%2FJwJ1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df49a943-SYD
content-length
9268
expires
Mon, 29 Aug 2022 03:51:01 GMT
70675d4e6fab11afdf92f161bdd737f4.jpg
static.bg3.co/imgs/202111/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/70675d4e6fab11afdf92f161bdd737f4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4942982e3e43d32668431a1025248255e5d7ae732890f9ce86c4aba29e762d52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Nov 2021 23:13:26 GMT
server
cloudflare
etag
"70675D4E6FAB11AFDF92F161BDD737F4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9mcyy0Ge10cixargZqgN%2FfGT2cmTJrZGHzcyxxzcHzRLgjtl0kiHumXp%2F9ezkMStnOCcgtiLBe3KMGDqifrD2I6KevRQUI2xnkZMERBUbFasQ92YYe9LrB%2FTZGbi9s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df4ca943-SYD
content-length
4665
expires
Mon, 29 Aug 2022 03:51:01 GMT
6e60edf8625f266716538714a3f7aef5.jpg
static.bg3.co/imgs/202206/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202206/6e60edf8625f266716538714a3f7aef5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354bf21bfb9d61843e2f6b0def0edd63b3c2dc9299aa78484259089dc69be819

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 07:04:14 GMT
server
cloudflare
etag
"6E60EDF8625F266716538714A3F7AEF5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlPNk%2FbKAlBPNj0%2F2hHOVu2VJhpXxEXkOLIlBWSKCDy3Sf6y%2BYibS8Su33zigof%2Faz4Fnu3xpZ%2FdTJWb1M%2BmWuY61sWGqMyU2PbmdYeXGhRf%2FehFbSaznDVzHu5m2LA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df4da943-SYD
content-length
3525
expires
Mon, 29 Aug 2022 03:51:01 GMT
208fbe4a960983704af250555de8e225.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/208fbe4a960983704af250555de8e225.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e868b68ba4e38b08bbdd3e4270ccb126982f8e2cc67c1e6a5649c584a45ed43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Tue, 18 May 2021 20:08:11 GMT
server
cloudflare
etag
"208FBE4A960983704AF250555DE8E225"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miNDaxvrLft63zQxYrP9n22o9HgrlsXITVHBkyWF3ENpCKPw2vY5yZkDq8hsA0MqDb3UvzbEbPhJ9Izkfp06%2BNsJoiyxDx5rqfLbtVa0QTJY6onaVFsMQcLCfB1GL%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df4ea943-SYD
content-length
7092
expires
Mon, 29 Aug 2022 03:51:01 GMT
d9cfeb1f019e829c03f90cdccf35d07d.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d9cfeb1f019e829c03f90cdccf35d07d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ffa1e4fb948fdd96c9e8822ec5e8022eb3fa6e752ae04582b46f99eaa6766a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Jun 2021 01:48:37 GMT
server
cloudflare
etag
"D9CFEB1F019E829C03F90CDCCF35D07D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBcl3yRgt1SuQj4P3Lzzm5MELgb8xuGK7tbLSL945DMrCJXlV8d411tH0P5N4hf2xtc3zBz5Imgw8VU3fB%2FZVqJxdiA5Ief5az1wH1ThUKavUiVDy3hhmnJqZ1f5E8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df50a943-SYD
content-length
8317
expires
Mon, 29 Aug 2022 03:51:01 GMT
484e8d96449a258e2ac1b7518c424fe9.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/484e8d96449a258e2ac1b7518c424fe9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c378be2146055cc28a4798a39e9f59d013dd556a1d11842ce4a59e8aa38ec8a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 19:34:32 GMT
server
cloudflare
etag
"484E8D96449A258E2AC1B7518C424FE9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCaKyAMRCqh8ZctLs3o9LI%2F2WQFa5Uo9eVtAome%2F2K%2FEr0cQnVj%2F1u7MMB8t4GB1lq8AEhoOE50NZhfjEAaO1CqtvPG9UESGtD8d1YijVwLBmWV%2BQkqhgi%2B2bHncMIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df52a943-SYD
content-length
4975
expires
Mon, 29 Aug 2022 03:51:01 GMT
667f1570ee67a040f9fff82382367afc.jpg
static.bg3.co/imgs/202106/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/667f1570ee67a040f9fff82382367afc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66290306acdce22c511f270b9a157c5a2f4f5a75e4a685d7e6e1ade3679d2f3f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 00:13:50 GMT
server
cloudflare
etag
"667F1570EE67A040F9FFF82382367AFC"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6TuFUYEd%2FeBI2LvR1uBFM5u0aq49t%2BuBglxmbmLvwdzRrIJwiVPwwcT4RS0OVPFeH7kBMrxMKXbHfdDTN6PmPZv9YQZSJdXcMVPjk4xKmuSNuyFzL2RJtU82tbBcAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df53a943-SYD
content-length
10925
expires
Mon, 29 Aug 2022 03:51:01 GMT
098ecfaa401cf76b0126947c144fe9fc.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/098ecfaa401cf76b0126947c144fe9fc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d817c1a430a822a314276c5b5e8460ce60b8e32e0631931e2c3ef42d492557

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 02:21:35 GMT
server
cloudflare
etag
"098ECFAA401CF76B0126947C144FE9FC"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUR5JB3vABjcUM3Y821Fygg5n0PeXaPBJ37ZeXGv3pV45kNhicPi3zPTdjhpSPf9G3drCwZvtnBz40BTrJPFeANydRqJpMxJ5KKM8HoyJJ2q9CfB4HgYaZYRZt4%2FMVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df54a943-SYD
content-length
4446
expires
Mon, 29 Aug 2022 03:51:01 GMT
519eadd931e25d9584842fa835b80331.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/519eadd931e25d9584842fa835b80331.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7129b13e1fc5ac8ce5576efc8a114388c22d144c36f778bb481a8a3e48435449

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 09:37:10 GMT
server
cloudflare
etag
"519EADD931E25D9584842FA835B80331"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huoy7LaEp9Vy4wqFtdpZJV47AQM%2Fu48RbuyXG%2BcY3xvhe2fYfvJZixltqDxvPzlE6nEq8CodF4UdZpU3rjExyuoFEB%2Fg3b8PCas8r6TVqbwjg30A%2BhEb5pP3zt9muF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df55a943-SYD
content-length
9095
expires
Mon, 29 Aug 2022 03:51:01 GMT
d963f2715eb605f6e0bab3ac9775d587.jpg
static.bg3.co/imgs/202107/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/d963f2715eb605f6e0bab3ac9775d587.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6a8b95c8ccbd093e86f2fef21a8e0517f1c6951c764aca6a6746d7cef2aaf2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Jul 2021 00:04:53 GMT
server
cloudflare
etag
"D963F2715EB605F6E0BAB3AC9775D587"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJ%2F6%2FTovJYlP6whAi%2B3BWUVkKuI5SiaaOAOeUIDSO33ulbfy1GLIW6m7ZmHIW9eQTgaIk4JRhVy%2BR2%2FmKa2Qa2JDok1nPURk8fEwVtfFZxl2TShqar5a1IjUaF%2F6jr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e8a5c6df58a943-SYD
content-length
3294
expires
Mon, 29 Aug 2022 03:51:01 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 02:45:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 02:45:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
261061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 03:19:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 03:19:59 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
159664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 07:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 07:29:56 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
1013 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
c53f4706b6959f19ff2d7b6ac019b91cb3eb325d8e5024c6613e226506d6d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2895
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eR59JBD9DltdhP%2FHGpcar5LdvSysx%2BOid6%2BoXK4s2lr%2BxjYnCHorAuTACz9OIi9YXGJy%2F8xJoo9hmLygTGjgG0s7whUuZHkEayGIQ%2BXYwmop%2BuuZz6A8SoVwMwE8oFcY9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73e8a5c39b15aaf5-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0a9906e691335ab30f64396b06cf01d4ffe4dc7b431a545a3e534c31bf3255bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0a9906e691335ab30f64396b06cf01d4ffe4dc7b431a545a3e534c31bf3255bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5596685100481291&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:01 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.15885046232426459&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:01 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:00 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661140260.dop203.la3.t,1661140260.cds215.la3.hn,1661140260.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
447453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:33:27 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 14:20:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 14:20:41 GMT
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661140261093
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Mon, 22 Aug 2022 04:51:01 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A822 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
3260174f0103f75b0b825a531cbf4431c9700ec73271d56945d3e4564e9426f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40315
x-xss-protection
0
server
cafe
etag
17804839627416395112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:01 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8E02 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
20bae632845403fa004243570edc3bbbfc17fe6b771816bf13c7b52f7d043d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40303
x-xss-protection
0
server
cafe
etag
14654646104423209812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:01 GMT
pb.42753.1660729490688.js
cdn.adpushup.com/prebid/ 		327 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
br
last-modified
Wed, 17 Aug 2022 09:45:26 GMT
server
nginx/1.18.0
etag
W/"62fcb8b6-51a96"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-type
application/javascript
content-length
93943
expires
Tue, 22 Aug 2023 03:51:02 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=PAGE_VIEW&data=eyJzaXRlSWQiOjQyNzUzfQ%3D%3D&pxRes=false
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:01 GMT
server
nginx/1.14.0 (Ubuntu)
a26df2d2-fc07-466c-8015-73515a612763
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/a26df2d2-fc07-466c-8015-73515a612763
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-2610030963545689271.ampproject.net/2208051912001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-2610030963545689271.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame ECEA 		714 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73e8a5ca58baa7e9-SYD
content-encoding
br
content-type
text/html
date
Mon, 22 Aug 2022 03:51:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df4WdVLe0jfI7LRGEwWh1nJRA1%2FBFCtzTDdRZS9V0xV64q9Ya5r6S0DGLpdwG%2B6%2BHpdUbR5zykfa6AQEexlrykBosIiKTTfB5M4NjFvhUTLgAi%2F2zzg6YWoaxjmkndGenA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:01 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6585 		714 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73e8a5caf9c1a7e9-SYD
content-encoding
br
content-type
text/html
date
Mon, 22 Aug 2022 03:51:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZweMnuXJpcfl1x244W0sW7r5Dntn9Eicl2s08Irk0fT%2FXpLzBUiHuRfoN4UzO%2FZoeZupP%2FLItilzvcD3xoyUPQo5WtqDJH7edi2%2FbKA%2BUKhx1sCQHnHhXS1GlZeexCh8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ECEA 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
72a07994c057f2624a5677259e731b7bbf3ae4feb4ac3539aa8bfb294b03a388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28556
x-xss-protection
0
server
sffe
etag
"1310 / 164 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Aug 2022 03:51:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6585 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
163bfb71e678051ec4084f1b780bc6f561a55b923d335b4450a76223fe0ad819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28560
x-xss-protection
0
server
sffe
etag
"1310 / 257 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Aug 2022 03:51:02 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ Frame A822 		342 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
320d35a22bcea4c087fb12d90f8ec4e080f7ddb5cad2c7f45e0fcaa024f03bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122966
x-xss-protection
0
server
cafe
etag
8574755242649730773
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:02 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame 8E02 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
5a40d49932c7a63adc7f684b46332ae923c8e0148b3ed3b2e777004eb4c9f3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122628
x-xss-protection
0
server
cafe
etag
8376913495948537891
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:02 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-type
application/javascript
content-length
211
expires
Tue, 22 Aug 2023 03:51:02 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-type
application/javascript
content-length
17440
expires
Mon, 22 Aug 2022 04:51:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
7aa5aed44c586034cb5f6807292dbb5b2a23a5d1c24c43383e2884e446c93fd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28491
x-xss-protection
0
server
sffe
etag
"1310 / 648 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Aug 2022 03:51:05 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjExNDAyNjIyODksInBhY2tldElkIjoiMDAwMEE3MDEtMjU3YTJmOTMtOThiYy00MTk1LTg2NDUtMmM1ZTQ1YzEzMjI0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS10YW4tbGlhbmctamlhbi1iYW4tbHVvLXd1LXRvdS1udS1zaGktY2hvbmctc2hhbmctYW4teW91LWtlLXhpYS1waS1iYW8tamluZy16aGVuLXhpYW5nLWNoYW8taGFpLXhpdS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjExNDAyNjIyOTAsInBhY2tldElkIjoiMDAwMEE3MDEtMjU3YTJmOTMtOThiYy00MTk1LTg2NDUtMmM1ZTQ1YzEzMjI0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS10YW4tbGlhbmctamlhbi1iYW4tbHVvLXd1LXRvdS1udS1zaGktY2hvbmctc2hhbmctYW4teW91LWtlLXhpYS1waS1iYW8tamluZy16aGVuLXhpYW5nLWNoYW8taGFpLXhpdS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjExNDAyNjIyOTAsInBhY2tldElkIjoiMDAwMEE3MDEtMjU3YTJmOTMtOThiYy00MTk1LTg2NDUtMmM1ZTQ1YzEzMjI0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS10YW4tbGlhbmctamlhbi1iYW4tbHVvLXd1LXRvdS1udS1zaGktY2hvbmctc2hhbmctYW4teW91LWtlLXhpYS1waS1iYW8tamluZy16aGVuLXhpYW5nLWNoYW8taGFpLXhpdS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjExNDAyNjIyOTUsInBhY2tldElkIjoiMDAwMEE3MDEtMjU3YTJmOTMtOThiYy00MTk1LTg2NDUtMmM1ZTQ1YzEzMjI0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS10YW4tbGlhbmctamlhbi1iYW4tbHVvLXd1LXRvdS1udS1zaGktY2hvbmctc2hhbmctYW4teW91LWtlLXhpYS1waS1iYW8tamluZy16aGVuLXhpYW5nLWNoYW8taGFpLXhpdS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjExNDAyNjIyOTcsInBhY2tldElkIjoiMDAwMEE3MDEtMjU3YTJmOTMtOThiYy00MTk1LTg2NDUtMmM1ZTQ1YzEzMjI0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS10YW4tbGlhbmctamlhbi1iYW4tbHVvLXd1LXRvdS1udS1zaGktY2hvbmctc2hhbmctYW4teW91LWtlLXhpYS1waS1iYW8tamluZy16aGVuLXhpYW5nLWNoYW8taGFpLXhpdS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0844 		603 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34139360532900621213&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3168&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=89005667&ga_cid=amp--QLLC_N89LTnft_ux_yrfw&ga_hid=5667&dt=1661140261494&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&bdt=2307&dtd=464&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:03 GMT
expires
Mon, 22 Aug 2022 03:51:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
447299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:36:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:36:03 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame ECEA 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Aug 2023 11:33:51 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220822
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2956
x-jsd-version
1.0.1439
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA, cache-cdg20752-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"669-U3xo+2ctiPtvj8ftIPnQBFf1f4E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPNOoIWdvty8YJqgFpNlkizDqzOZLhJ%2FSseHhoQjeE9ehqtys3D%2FaskMq0AUgFC%2FjC5HwuDRBKc8QNRiaDSCEiZsLLzsnITacYfeJ6IiTXkKnR1EQv003XypcOApWKWfOzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73e8a5d4c9eda889-SYD
access-control-expose-headers
*
json
gum.criteo.com/sid/ 		321 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
190cf577c0c3529de7368d8660aa30c625a7bf5c5e724c2eb6309b535cf25e5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:02 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2148
strict-transport-security
max-age=31536000; preload;
expires
0
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3177e776-7ed2-480c-a2ff-6863dcced0f9%2Ce8b284b1-a95b-4a18-be3c-ec1cef07b56f%2C700db6a4-167b-4956-9a91-c0ad9179d24b&nocache=1661140262440&pubcid=95ecf9f4-d283-4231-a958-76b716039a83&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5569fd3d29f4d2c5e1a0d42879aedcacd5be91c7499915cca274c3d5f9485065

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=903b5f77-43fc-4229-9b07-32fe2736fa3a&nocache=1661140262441&pubcid=95ecf9f4-d283-4231-a958-76b716039a83&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c55959a7-252e-4d80-8469-61bde943a528&nocache=1661140262441&pubcid=95ecf9f4-d283-4231-a958-76b716039a83&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b61e08a6-d9ca-4078-9037-39ba50d7fdec&nocache=1661140262441&pubcid=95ecf9f4-d283-4231-a958-76b716039a83&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
adreq
ads.servenobid.com/ 		818 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6874
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		24 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
06480b7e3810bc630cb0db02a74888ff10148c202127c703b3da4ca93d48d4d9

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
147
content-length
12326
prebid
prebid.media.net/rtb/ 		1 KB
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e0a8e6c28f25fe5d3a02350c2dd08f8d1a4a73bb7d898d2cd2abbc5ab1d1013

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
170
alt-svc
clear
via
1.1 google
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.144.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-144-233.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 22 Aug 2022 03:51:03 GMT
auction
rtb.adxpremium.services/openrtb2/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
165e52d852a9caed593ba5954f40f0de261bd91c42b9de944f3c09f9dd4a7e5d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
33af763fd0ebc3726beaa69cce9c895aff120e5c7108fe3aab5fd534520abfe3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cfa670a6f80b6f904228dd50d55f885bf6595b202c716d10fa1e2087b2fc71e5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=95ecf9f4-d283-4231-a958-76b716039a83%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=34f3077b-570f-4cc5-9e8c-c6b6d24cee21%3B623ea714-8fa5-40d8-99db-ef0f0f268c28%3Bb0bf21f5-4e60-47e3-b1f1-55a1280eeffe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.7485753202595407
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1959448826d3dca4f7710e7c47fd548f199b393888f879e0c788c208f4085ad5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:03 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=88491723072
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2260a274091ab9eca%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22619cbc7ed3173fb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226369d74de16a27e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2265001e25588b6be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22663b24d1fd6c3a7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22685e8c6aeba0f1d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22702c7872f1c56d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227134e5d84eccc21%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22619cbc7ed3173fb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22685e8c6aeba0f1d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf491029ae855be81c5c4a9f3cccf53f63bc9b276f45d52f0f8c0520eb3c531f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVV2eZUEZbn6lzpXPHQ3Y1SRF0fDbchMHhw3OBSlPRgCErHK9px79%2FW0s8QPx%2BL%2B6nLDOoVHYurBXeFLra9ujmoPwRLX%2FSaEuHKcuYplKrL5RyiiEgux%2B8xF1PhBawHaiINIaole"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73e8a5d4db68a947-SYD
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2260a274091ab9eca%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22685e8c6aeba0f1d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%227134e5d84eccc21%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf491029ae855be81c5c4a9f3cccf53f63bc9b276f45d52f0f8c0520eb3c531f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9Bp2iVW74ZNVPy3FlUCqj1VqYEoSbaYKARuHDIGEXQWHBgii0mzfuh5X9O7oxaty%2BXVnqpe6FS3r4bGT9c7Dg30Csevf89zD28iUu6QmqIs4rcbENwpEBjPFIJZ2S%2BtRYhkCAgG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73e8a5d4db6aa947-SYD
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		50 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5ccd15f4d57172a883f1e07947fcc76efa0d81819b2c72b80032446c824f2b51
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 Aug 2022 03:51:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
118bcdc6-dee7-48e6-9d33-e27ecb8f4ccd
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 29 Aug 2022 03:51:03 GMT
pubads_impl_2022081801.js
securepubads.g.doubleclick.net/gpt/ Frame 6585 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133681
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 08:36:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Aug 2023 11:32:06 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 22 Aug 2022 03:51:03 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1232
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie.js
partner.googleadservices.com/gampad/ Frame A822 		379 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
6055603d3e8af8889eae1bf7e3c345d9643ffa5ab9413b7068f1f24431e93b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame A822 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A822 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 050B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-58.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1185
content-length
673
content-type
text/html
date
Mon, 22 Aug 2022 03:31:20 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
x-amz-cf-id
bG8jfwKXqyAhNWNwlRD4pL6xs-86-jp7l3HgeUE6JE-eJYksj5RBWQ==
x-amz-cf-pop
SIN2-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:03 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 8E02 		379 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
56368d49f4817b9887057f7f88a7b70edf279bccec0acf04f046763f96ec8f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 8E02 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8E02 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame A566
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-58.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1185
content-length
673
content-type
text/html
date
Mon, 22 Aug 2022 03:31:20 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
x-amz-cf-id
JgDDW-9050DBV7AnKv4pMuH3kG1g8i-qex8AkOncRjecWdbqM6N9Mg==
x-amz-cf-pop
SIN2-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:03 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%B5%B7%E7%81%98%E9%A9%9A%E8%A6%8B%E3%80%8C%E5%8D%8A%E8%A3%B8%E7%84%A1%E9%A0%AD%E5%A5%B3%E5%B1%8D%E3%80%8D%E8%A1%9D%E4%B8%8A%E5%B2%B8%EF%BC%81%E9%81%8A%E5%AE%A2%E5%9A%87%E5%A3%9E%E5%A0%B1%E8%AD%A6%E3%80%80%E7%9C%9F%E7%9B%B8%E8%B6%85%E5%AE%B3%E7%BE%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp--QLLC_N89LTnft_ux_yrfw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5344124836340236&gjid=0.5615765925138083&_r=1&a=5667&z=0.14408339743135556&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-50.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:04:48 GMT
via
1.1 40346f3f2e6491f9dd0c511645b5834c.cloudfront.net (CloudFront)
age
2776
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
x-amz-cf-id
EzxfUGVBbjdm1UBfqnihGz_MQK4fSrUqWG-nKr50l6lXO8KlMP-QLw==
integrator.js
adservice.google.com.au/adsid/ Frame 6585 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6585 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6585 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=220821798207521&correlator=4166806915669511&eid=31068500%2C31068830%2C31068929%2C31069060%2C44742768%2C31067826&output=ldjh&gdfp_req=1&vrg=2022081801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661140263485&lmt=1644386353&dlt=1661140261658&idt=1794&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=rwz9t3wwvzxg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1313523302.1661140263&ga_sid=1661140263&ga_hid=706250560&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ee1b361d4e867f92f0a603315c565725a7ceb394d621ba6b804e280d95d043fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2ED9 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:04 GMT
expires
Tue, 22 Aug 2023 03:51:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame ECEA 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ECEA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ECEA 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3634049988791698&correlator=3166002662264740&eid=31068985%2C31069059%2C44764001%2C31062931&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661140263537&lmt=1644386353&dlt=1661140261555&idt=1957&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=3snyxc7jrh17&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1533077574.1661140264&ga_sid=1661140264&ga_hid=1152188012&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
b13574f0328525ad255ce5eadb2aae1169eaadaa2dc0bd2127666463ebe1e8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0066 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:04 GMT
expires
Tue, 22 Aug 2023 03:51:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIyNDg3NzlfMTY2MTE0MDI2MzYyMSIsInVzZXJJZCI6IjE0MzIyMF8xNjYxMTQwMjYzNjIxIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjkyMjUwXzE2NjExNDAyNjM2MjEiLCJwYWdlUGF0aCI6IiUyRmElMkZoYWktdGFuLWxpYW5nLWppYW4tYmFuLWx1by13dS10b3UtbnUtc2hpLWNob25nLXNoYW5nLWFuLXlvdS1rZS14aWEtcGktYmFvLWppbmctemhlbi14aWFuZy1jaGFvLWhhaS14aXUuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZoYWktdGFuLWxpYW5nLWppYW4tYmFuLWx1by13dS10b3UtbnUtc2hpLWNob25nLXNoYW5nLWFuLXlvdS1rZS14aWEtcGktYmFvLWppbmctemhlbi14aWFuZy1jaGFvLWhhaS14aXUuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjExNDAyNjM2MjJ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:03 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvaGFpLXRhbi1saWFuZy1qaWFuLWJhbi1sdW8td3UtdG91LW51LXNoaS1jaG9uZy1zaGFuZy1hbi15b3Uta2UteGlhLXBpLWJhby1qaW5nLXpoZW4teGlhbmctY2hhby1oYWkteGl1Lmh0bWw=.json
cdn.adpushup.com/42753/ 		65 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaGFpLXRhbi1saWFuZy1qaWFuLWJhbi1sdW8td3UtdG91LW51LXNoaS1jaG9uZy1zaGFuZy1hbi15b3Uta2UteGlhLXBpLWJhby1qaW5nLXpoZW4teGlhbmctY2hhby1oYWkteGl1Lmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
a0281357fd67062678e0f94adc9cb3317b327c7c0bcdb9cd825e871fef23cee0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
last-modified
Sat, 20 Aug 2022 10:42:39 GMT
server
nginx/1.18.0
etag
"6300ba9f-10299"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=225, origin; dur=433
accept-ranges
bytes
content-type
application/json
content-length
29221
expires
Mon, 22 Aug 2022 04:51:04 GMT
pixel;r=1753645547;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html;uh=e51ed67df...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1753645547;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-375065468-1661140263977;pbc=95ecf9f4-d283-4231-a958-76b716039a83;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661140263977;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6585 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
374584442f82c03dea97d056c31939debcf62f80deabae4053cf3b226c5afb66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11132
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 050B 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
3057368a96c56c12aeeb96ba4bc5700265696e2e69ce3c1672d063118f91f99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40299
x-xss-protection
0
server
cafe
etag
7030364858260221325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A566 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
f0e6285f4491c162ed31a117d85f162c73f32bd2fcdac55de82bc4e3282cf99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40299
x-xss-protection
0
server
cafe
etag
1553376494537943629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ECEA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4190b9c5f8a1bcd3b415017bd8b7695bb316c9792ae2bd7d8a9bd4067e8e5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11045
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bfbd8c3deb99d7413bd307b503c1b8be39194efa874920283eda9d57a696b5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72478
x-xss-protection
0
expires
Mon, 22 Aug 2022 03:51:04 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageVisited&data=eyJzZXNzaW9uSWQiOiIyNDg3NzlfMTY2MTE0MDI2MzYyMSIsInVzZXJJZCI6IjE0MzIyMF8xNjYxMTQwMjYzNjIxIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjkyMjUwXzE2NjExNDAyNjM2MjEiLCJwYWdlUGF0aCI6IiUyRmElMkZoYWktdGFuLWxpYW5nLWppYW4tYmFuLWx1by13dS10b3UtbnUtc2hpLWNob25nLXNoYW5nLWFuLXlvdS1rZS14aWEtcGktYmFvLWppbmctemhlbi14aWFuZy1jaGFvLWhhaS14aXUuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZoYWktdGFuLWxpYW5nLWppYW4tYmFuLWx1by13dS10b3UtbnUtc2hpLWNob25nLXNoYW5nLWFuLXlvdS1rZS14aWEtcGktYmFvLWppbmctemhlbi14aWFuZy1jaGFvLWhhaS14aXUuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjExNDAyNjQ1MTR9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:04 GMT
server
nginx/1.14.0 (Ubuntu)
css2
fonts.googleapis.com/ 		3 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 02:58:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 03:51:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 03:51:05 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame 050B 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
07911f80d027f5d10a099a849cadfec5d9b62cc21897b8d6688a587642d43e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
978636821533596774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:06 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame A566 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
cdd4c9c54a988c06e93f9c7d5a1c825f2d696b5c82c1c2cb931c0d0e6087ed40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
6155813563772443961
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 03:51:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6585 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ECEA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:08 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=5667&cid=806427578.1661140265&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661140265&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&dt=%E6%B5%B7%E7%81%98%E9%A9%9A%E8%A6%8B%E3%80%8C%E5%8D%8A%E8%A3%B8%E7%84%A1%E9%A0%AD%E5%A5%B3%E5%B1%8D%E3%80%8D%E8%A1%9D%E4%B8%8A%E5%B2%B8%EF%BC%81%E9%81%8A%E5%AE%A2%E5%9A%87%E5%A3%9E%E5%A0%B1%E8%AD%A6%E3%80%80%E7%9C%9F%E7%9B%B8%E8%B6%85%E5%AE%B3%E7%BE%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview_to_pub_ga_failed_unique&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:05 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 Aug 2022 03:51:05 GMT
pubads_impl_2022081601.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 13:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133485
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 13:01:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Mon, 22 Aug 2022 03:51:06 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		318 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1330090257321306&correlator=1907857087865835&eid=31069030%2C44764001%2C31067826%2C31064019&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D82f1250c0c6bee%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D838517e94f81a5c%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84d4afd9413a0c7%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue%26link_preview%3DnoPreviewPage%26link_preview_custom%3DnoPreviewPage-DESKTOP-NEW&sc=1&cookie=ID%3De392b00f4598d0c6-2255e39dbbd500e8%3AT%3D1661140263%3ART%3D1661140263%3AS%3DALNI_Mbjnt_T6naJKCxgUEU02JUkitSC3w&gpic=UID%3D000008dec8ac2ceb%3AT%3D1661140263%3ART%3D1661140263%3AS%3DALNI_Mb0Q3maZMcwdrYC10dcZG6nRWCQ5Q&arp=1&abxe=1&dt=1661140266119&lmt=1661140266&dlt=1661140259187&idt=6601&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=806427578.1661140265&ga_sid=1661140266&ga_hid=5667&ga_fc=true&ga_cid=amp--QLLC_N89LTnft_ux_yrfw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
b82bf2f25434a76e0d9bc08f1101d9b89c52bd9d122eb7707bdf70b6aae29346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68363
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B64 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:06 GMT
expires
Tue, 22 Aug 2023 03:51:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 Aug 2022 03:51:06 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 050B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 050B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 283E 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
42d0048eb4f1646f6ad14db53b18c50d4c0b62ac90f71627037bd40e39bbc755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15656
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:07 GMT
expires
Mon, 22 Aug 2022 03:51:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame A566 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A566 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4EE0 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
1e44b74464c41833096dc8da6bd29299e868fabb9fef4c4f5ce9036cbbc9e905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15868
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:07 GMT
expires
Mon, 22 Aug 2022 03:51:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B531 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:07 GMT
expires
Tue, 22 Aug 2023 03:51:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:07 GMT
expires
Tue, 22 Aug 2023 03:51:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 72F6 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Sun, 21 Aug 2022 21:56:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 21 Aug 2023 21:56:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 72F6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
48410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Sun, 21 Aug 2022 14:24:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 21 Aug 2023 14:24:17 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 72F6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
265953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 01:58:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 01:58:34 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 72F6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
243342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 08:15:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 08:15:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 72F6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
265953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 01:58:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 01:58:34 GMT
truncated
/ Frame 72F6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10259d1ed95c13540a25ed7b7ca4d75294b8f69c7c4ec32832efa9954bbbb97d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
14125457104300219170
tpc.googlesyndication.com/daca_images/simgad/ Frame 72F6 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14125457104300219170
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
0aa98ae796b11e97f2fa0e1e6489cecb276df9b7a0496b3f242ca43fa80d2edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:07 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76492
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 23:03:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 03:51:07 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 72F6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 16:43:29 GMT
x-content-type-options
nosniff
server
cafe
age
40058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Mon, 22 Aug 2022 16:43:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 72F6 		344 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 13:52:43 GMT
x-content-type-options
nosniff
server
cafe
age
50304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 22 Aug 2022 13:52:43 GMT
l
www.google.com/ads/measurement/ Frame 72F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSy8Bb5Eh9nBBiq5lvqnGJaeuINdaj6jFr4OTh-7-T3dJaFCRGma3OCzQhhBoEXl9tBg4s72tsJOtkOVr9cywDPWRO7pw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 72F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6ri6Kv0CY4TKEYKArtoP_JG7YNb1hd1ris_8_ssQuI2FngsQASC6hMAzYKWAgICQAaAB3uPt5AHIAQKpAgCdhMOPEac-4AIAqAMByAMIqgTWAk_QFhhty7ApUA7OB4kAeOcl4wGGzEoiow0NppLxJWkVuOMD9910jfeZWKs5vQ2aUGEBHb_H2m1fJFUhJO6HiRLdEa_opYksXdO0TJopYYKrQl41rAGnWHhEn24r9A4_755jax1l-vQkEnkuMBv5q7zD_ti_7dJay5hplylJFA3U7U5ZBVKk0CqlGN90-RwGnSzUO2XrftmkZP84i9aGej4je6wa-FymvfmGfwRv3o6s8d3mnmhJ2ZIXX_M5ncnYisfz2FS_lyckQQPQZIbP6wgYICCBVA5dcVil6sn1vD-_jCUDrd-ozEo2T1En5yajM7OFJJbSmcY1DGLTrJr4y3vLv3U_1XwmTbsvsj-xnVcG0i-NjtjCOM8oAz3MRD_9qoEmeNQ8al4zVTfQkPqDeesSipJsapl8SEqNl0BBTKC38tApk7iJhQeQx5_3ImkpgerqQPLlcMAErOC6pIwE4AQBkgUECAQYAZIFBAgFGASgBgKAB4GQ25sCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQirkF0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=cJZGOcvAp2Q&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 7417 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrtGWKv0CY_DmO7OTssUP2YWO0Aes1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoErgFP0MXQ_J1yv15Y0TJO3eSfbfcViqPnVU0g5pFurQjU2pnylicjnZOEHWxGPY-Fi5jtb3ZumtDiZ2rPiR-GHuGKpXF_ZGXV-ThhdjawM926etJZ6xQAWmvudZ8-mrsasplGR-9SHheFBAOVjUNdI1ZmVigcRfAgmotR59TuioEmUF4NU1qY-u7V9h547kDnzTTEQDIRFJ65Jy3Yfb-1aW9GKkbzYzXj4ZqIS72OKeaABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=sd5phqRt0Rc&uach_m=[UACH]&cid=CAQSKQCsnQUxIqprJDWMNwraNuXnYXyUxglvTOZsg12bdWNmwnAMj5S808pCGAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 22 Aug 2022 03:51:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 7417 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.9962764E-4&viewability=-1&device_id=4&cbdp=0.015&slotVisibility=2&dn=bg3.co&acid=b9000a01cb4749d981266d91c9c05480&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-7c75f56789-dfpz6.SG&ogbdp=0.02&prvReqId=17135287233592_794619512_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1661140267089&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:08 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 22 Aug 2022 03:51:08 GMT
log
qsearch-a.akamaihd.net/ Frame 7417 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=1.0&adtyp=0&req_id=Dnj0fD-qtk2KaPKTWwC09Q&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=66.6783&exp=&fdbk_id=&second_bidder=*&search_res=36&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0147&ogcbdp=0.0200&dfpbd=0.0147&server=1&ogerpm_wd_bkt=0-1&model_version=202208212144_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=26&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1661140267089&cc=AU&strg=harmony&ss=&current_hour=3&time_stamp=2022-08-22+03%3A51%3A07&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=b9000a01cb4749d981266d91c9c05480&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=2&totalTime=2834990&dmm_m1=2022-08-22+03%3A51%3A07.091656398&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-dfpz6.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:08 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 22 Aug 2022 03:51:08 GMT
nmedianet.js
contextual.media.net/ Frame 7417 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d163dcbc56957d75348b361ca89d3c1a214d38eb3968031387dc6d96f568d02f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"342d730a9a231e5f31372a11fd0ad3fc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 22 Aug 2022 03:51:08 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-20
expires
Mon, 22 Aug 2022 03:56:08 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 7417 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 22 Aug 2022 03:51:08 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=15032
access-control-allow-credentials
true
content-length
62892
expires
Mon, 22 Aug 2022 08:01:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 7417 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 03:36:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7417 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 7417 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 00:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 00:49:51 GMT
l
www.google.com/ads/measurement/ Frame 7417 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGmW0lL69sZnKaLxriZCnGyLJ6rOgeed6WsZ8lEmtyu46u1Si0aCuDtlX8CXJcZ5nWcC7Lqg_3tIVHrZvoT2ucUWIqFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 3000 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpH3lK_0CY6rmAoWByAPWv4LoD6zX_fBktPaok-ILwI23ARABIABgpfiRgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgSuAU_QSDC0KG-DkuM3V9v4inmMjk8m1a3hiM1UHViTFv_xxqcGx3qb44aGRyGtn2sGCIDcwXfsvh7Wze176DQK35iiqGYfnTs7aeNr_EtOz_ebSUyBtXkzsAdpf5BdOTkbBLFT5k3QA84sup-Y7RIDIqRm9tpEZUIGNCJjyECJN4UgMO5kYZoNwSg-B8Pe8LHN5UyONpuFsCABtZo1tOfZBOtnQvG8KcsgihTL3Nyog4AGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=Ppe31nGDrsI&uach_m=[UACH]&cid=CAQSKQCsnQUxREYPwuFld_KidS2ExPv3vHYdftIwGGOO7bn8ZtIWnEhj0-5kGAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 22 Aug 2022 03:51:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 3000 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.9962764E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=a7200ee529094df29e900f205f80fca8&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-7c75f56789-9xxtf.SG&ogbdp=0.02&prvReqId=22788394563487_1341944493_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1661140267145&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:08 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 22 Aug 2022 03:51:08 GMT
log
qsearch-a.akamaihd.net/ Frame 3000 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=1.0&adtyp=0&req_id=j4Cpgfn6wyWR879oiFdniw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1661140267145&cc=AU&strg=no_strategy&ss=&current_hour=3&time_stamp=2022-08-22+03%3A51%3A07&rvshhon=&bdp=0.0200&ct=Sydney&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=a7200ee529094df29e900f205f80fca8&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=3&visibility=2&totalTime=3281390&dmm_m1=2022-08-22+03%3A51%3A07.148143227&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-9xxtf.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:08 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 22 Aug 2022 03:51:08 GMT
nmedianet.js
contextual.media.net/ Frame 3000 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cace5323af14053509cfa0a23c408f10b7d83fd978a149fb76f011db3c09aef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"342d730a9a231e5f31372a11fd0ad3fc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 22 Aug 2022 03:51:08 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-20
expires
Mon, 22 Aug 2022 03:56:08 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 3000 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 22 Aug 2022 03:51:08 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=15032
access-control-allow-credentials
true
content-length
62892
expires
Mon, 22 Aug 2022 08:01:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3000 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 03:36:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3000 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3000 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 00:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 00:49:51 GMT
l
www.google.com/ads/measurement/ Frame 3000 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTN8C9dYZKU-FnpT94z--U1U4deskT6H9atqrHaGoWpdiN2M87hM1zy0kdLfCimeKQd_K8a_-39xP8L20L2gmGSpMmRxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
11ba241b9597ec96a8a9e01db4cce1e1.js
www.gstatic.com/mysidia/ Frame B531 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 00:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4562
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 22:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 00:01:02 GMT
d7370b68e0b418395bf4335bf6e1f209.js
www.gstatic.com/mysidia/ Frame B531 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d7370b68e0b418395bf4335bf6e1f209.js?tag=video_location/web_och
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
01d28732fdbf3287703d5342fd4c3c0187682033c9978c4b0fa3ea8fe41ceb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 07:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51154
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 07:30:09 GMT
css
fonts.googleapis.com/ Frame B531 		8 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 03:37:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 03:51:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 03:51:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B531 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 02:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 02:36:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame B531 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 02:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 02:41:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B531 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 03:36:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B531 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 03:04:37 GMT
l
www.google.com/ads/measurement/ Frame B531 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpi5Bu3pANLeZGmJ_ThbQuKGRexiqeqYPW1VSAfME9tqxoKbNmCzHugcMil32fXmb3uSrRwRKeQ7Jl7OKgbDwn01JKpg
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B531 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:07 GMT
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame B531 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:48:15 GMT
css
fonts.googleapis.com/ Frame 51BF 		8 KB
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 03:48:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 22 Aug 2022 03:51:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Aug 2022 03:51:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 51BF 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 02:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 02:36:36 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 51BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsGpZKv0CY4PKEYKArtoP_JG7YPrNhcJnvq2Z4-MPoJaA7JACEAEguoTAM2ClgICAkAGgAZzquPsDyAEJqQIAnYTDjxGnPuACAKgDAcgDywSqBOwCT9A7FFoFF8LyBRyFB8y68htIPGaWELuXC4t7z5xLmlC171kuDY5d7JwYGk-V3JVr2KQpSd6aYgbBq3fDgMSqd0wF_fo5MsPaEac7covGQBuEe7vgadovLOjDg7TvNrsQFwUmvvYiKB6CD1RJeuWGIO9-w4ja5su6cr4NX2Ry308Vpu6jDR_2rFTxZOYTbxLazL1igjtTr2odLVj_TvsDUgleHzswB38jR-XB8O1B_XiVuUK2XseHlgadc0G8qdFbg_50Lg7D0XAQyihfIHf0xbxFWndzePGEDxlPH-AdSkb_uoq_OyS8IGQu1YDCj44pPgiudSLEezknZdLw4YegX1ITtMEcgCNalCzeWHSQChMYEKe8eQPqdzNSp_UQAAJMJAI8dZBGBgpNWDutBNuLzzHVNMpgVmR6-Wf4uWoSjjQOQN-HhJ5u-8AZs-05Dw__6O3afrQkFo3OYVMkObH_RZvLuGGmwPXwlkP_uMAEq6fbwvsD4AQBkgUECAQYAZIFBAgFGASgBi6AB8yVxwSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDRiAvSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwGYDMq11IvyA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=kCvc0b9duJk&uach_m=[UACH]&template_id=515
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 51BF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 02:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 02:41:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 51BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 03:36:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 51BF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Sep 2022 03:04:37 GMT
l
www.google.com/ads/measurement/ Frame 51BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpJRdzvtAs8aZPOByz0zc2gjEL9s933lZO_Vba-cOqxGPqdMtVnvfQ1j-I-ioFLVIVRHVSO9QUm-K6Os4PZaRD-wNzaA
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51BF 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:07 GMT
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame 51BF 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:48:15 GMT
9601297064202836687
tpc.googlesyndication.com/simgad/ Frame 51BF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9601297064202836687?w=100&h=100
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
37c4de34d63a769957d7baa0840538ad77025bd63c2b78766519b89699f90c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2835
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 23:59:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 03:51:08 GMT
truncated
/ Frame 51BF 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 51BF 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame 72F6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 22 Aug 2022 03:51:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD67 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
28167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 20:01:41 GMT
etag
48472445140208031
expires
Mon, 22 Aug 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 51BF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6b79d0d39982b00857d3eb6e62a48d1dc07b2c86682d8c7ae79f9800d502924

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6BD5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:35:02 GMT
expires
Sun, 20 Aug 2023 11:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 390D 		783 B
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
c03cead1566dc6b3d2b5c7839fd5348ec5d3b06afb477f04848edb16184a69be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y0i2plwUp2H-Fb12XDnMvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-Y0i2plwUp2H-Fb12XDnMvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:08 GMT
expires
Mon, 22 Aug 2022 03:51:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D68B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:35:02 GMT
expires
Sun, 20 Aug 2023 11:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E123 		783 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
377cb99bdd97fa07bd52eb67b3f1af94539d08b75264ad82f5cbaab2887c9b14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D0YauiaQLHoE0aEa6K-8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-D0YauiaQLHoE0aEa6K-8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:08 GMT
expires
Mon, 22 Aug 2022 03:51:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
11550981755661312942
tpc.googlesyndication.com/simgad/ Frame B531 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11550981755661312942
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
0f641a5823444423b64704a1510ca5a9221a7cd12d85b759ecc7fd41a86826c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53389
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 01:12:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 03:51:08 GMT
9601297064202836687
tpc.googlesyndication.com/simgad/ Frame B531 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9601297064202836687?w=100&h=100
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
37c4de34d63a769957d7baa0840538ad77025bd63c2b78766519b89699f90c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2835
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 23:59:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 03:51:08 GMT
data=mjKZE54OyleMS3MJwdntZ3ymhkpr3QOyFtxMaDDOdDY2yxwNbg9JtI8EHe174T9jZ2oSdEnIKR3uJWJ1l3I
mts0.google.com/vt/ Frame B531 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=mjKZE54OyleMS3MJwdntZ3ymhkpr3QOyFtxMaDDOdDY2yxwNbg9JtI8EHe174T9jZ2oSdEnIKR3uJWJ1l3I
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
a28cc4ae9eec1c120a648c49d45fe5d7234c6a9b22067112472cbd1fc09e26b1
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
age
0
date
Mon, 22 Aug 2022 03:51:08 GMT
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40947
x-xss-protection
0
x-server-version-bin
CggIBBDWs/KXBg==
server
scaffolding on HTTPServer2
etag
06571be501671546f
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3122
expires
Mon, 22 Aug 2022 04:43:10 GMT
truncated
/ Frame B531 		301 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B531 		418 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
657465b80b6b28e3bd6f7d1d2ff420208a7021f7ab49decfd4b1b87b9ec41c88

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 21 Sep 2022 03:51:08 GMT
pd
u.openx.net/w/1.0/ Frame 15A1 		532 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9635bb0b603b2bae789d9b8147be13d1c967a04afdab2301f0bdbebd6a07499e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Mon, 22 Aug 2022 03:51:08 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 3137 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-129.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
16012
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 23:24:18 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
x-amz-cf-id
TTNGLUliOCHecvnF8FhFBiCP6WE4FwaKxzH9d0zE7ZuQxLMNGMYFDA==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1019 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
0d10a2de2936c6a653e97da68fdb2f222ea25243772a4db309afa06b4f0bfa18

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
453
content-type
text/html; charset=utf-8
date
Mon, 22 Aug 2022 03:51:09 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 22 Aug 2022 03:51:08 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 6941 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Aug 2022 03:51:09 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9FEB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Aug 2022 03:51:09 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 58A7 		2 KB
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
1e69fc7f240d5cc0fdc344374a19e4fcd46c9dd22e86437900d25e26a6f43574

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
615
content-type
text/html; charset=utf-8
date
Mon, 22 Aug 2022 03:51:08 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame 5750 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1661140263334
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2DF9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
82979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 22 Aug 2022 03:51:08 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 87388
X-Served-By
cache-lga13622-LGA, cache-syd10153-SYD
X-Timer
S1661140269.863831,VS0,VE0
checksync.php
contextual.media.net/ Frame 19A5 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a32f145ebce429e33c7295b9ee1f383ae8b8cf476bd137924c2f26636003087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=119265
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 03:51:08 GMT
expires
Tue, 23 Aug 2022 12:58:53 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1---
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
/
onetag-sys.com/usync/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:09 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 51BF 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 05:22:19 GMT
x-content-type-options
nosniff
age
253729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 05:22:19 GMT
pixel
cm.g.doubleclick.net/ Frame AD67
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_cver=1&google_push=AehlK4AKIBSy8ERHAnyZkNhcmuxK8rmfNUcueJ1fB4V0SvqsMCXFzYF...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5162947192df2058&is_secure=true&networkId=14000&version=1&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_cver=1&google_push=AehlK4AKIBSy...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJs7nOA3j76wN0TE5oAAAAAAA&expiration=1661226669&google_cver=1&is_secure=true&google_gid=CAESEKgfXv5EIIfXEvJkQEarN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJs7nOA3j76wN0TE5oAAAAAAA&expiration=1661226669&google_cver=1&is_secure=true&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_push=AehlK4AKIBSy8ERHAnyZkNhcmuxK8rmfNUcueJ1fB4V0SvqsMCXFzYFJG6srwGDe6Rzk2wN8MW1HO1MVxlQY1irXS-KR3F6Evc5iIka7m6aH3728zVDwLTxznoTPCNzA3Zm7QBoPhdicNSjSKz47IUe1rQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJs7nOA3j76wN0TE5oAAAAAAA&expiration=1661226669&google_cver=1&is_secure=true&google_gid=CAESEKgfXv5EIIfXEvJkQEarNnY&google_push=AehlK4AKIBSy8ERHAnyZkNhcmuxK8rmfNUcueJ1fB4V0SvqsMCXFzYFJG6srwGDe6Rzk2wN8MW1HO1MVxlQY1irXS-KR3F6Evc5iIka7m6aH3728zVDwLTxznoTPCNzA3Zm7QBoPhdicNSjSKz47IUe1rQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame AD67
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELl3IxrP190rW4LgCkRCNdQ&google_cver=1&google_push=AehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELl3IxrP190rW4LgCkRCNdQ&google_cver=1&google_push=AehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCe...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELl3IxrP190rW4LgCkRCNdQ&google_cver=1&google_push=AehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73e8a5faae7eaaff-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
635
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73e8a5f89bfbaaff-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELl3IxrP190rW4LgCkRCNdQ&google_cver=1&google_push=AehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dyi34rzQVGFFOtRf9tFND61NJl3_X4m-58GSt3tKKzPopm7quVUeseRpUO_noRJnKNmJD8Ny2ZIHwpvZYnIOqgYFfzVCewd_xRfJpPj4A0Vm9BUhbwiQAo_KzUu_8pDE7xlO7AP2qRodEpus-I7T0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD67
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESED-eiZmx2sfxWXby-CS8xhI&google_cver=1&google_push=AehlK4CDuxTix2vtkexcVQG7HV24mfSdHHS2VmFc_0VYGI7hhqA2gIKme4DsEVtPyEB4WKNDxeiseuh2ZbJpq73rZNSPO-fOYn9bhaoqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aHZlNkVFWEpBWEdNZVZobExmMENZdw%3D%3D&google_push=AehlK4CDuxTix2vtkexcVQG7HV24mfSdHHS2VmFc_0VYGI7hhqA2gIKme4DsEVtPyEB4WKNDxeiseuh2ZbJpq...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aHZlNkVFWEpBWEdNZVZobExmMENZdw%3D%3D&google_push=AehlK4CDuxTix2vtkexcVQG7HV24mfSdHHS2VmFc_0VYGI7hhqA2gIKme4DsEVtPyEB4WKNDxeiseuh2ZbJpq73rZNSPO-fOYn9bhaoqnm1zdD5ND9r7HRyjZUT9QTviubHIG869ws4NSEX-I8TZCMNXjw
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aHZlNkVFWEpBWEdNZVZobExmMENZdw%3D%3D&google_push=AehlK4CDuxTix2vtkexcVQG7HV24mfSdHHS2VmFc_0VYGI7hhqA2gIKme4DsEVtPyEB4WKNDxeiseuh2ZbJpq73rZNSPO-fOYn9bhaoqnm1zdD5ND9r7HRyjZUT9QTviubHIG869ws4NSEX-I8TZCMNXjw
date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
297
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame AD67
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDv0LKv29WFqfz-5AeaENzI&google_cver=1&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3G...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDv0LKv29WFqfz-5AeaENzI&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3G...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3Gnl_2BN_DF_z_OFRzULqVlnhuJrNq5uE2bgHiYRN5f1f-46...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3Gnl_2BN_DF_z_OFRzULqVlnhuJrNq5uE2bgHiYRN5f1f-46AL5OBRlUlaYZ7czWTfh39JA&google_hm=UlVEUHF5a2dQcVB1ZG9oRmF6Z1M=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C0Eebz1cCfxwAHRSysw7AMVcI_muVMJIwJwT65e_G7fA-fw52ZNauDxDfuU5hKcLOMErtwUdFuWYt3Gnl_2BN_DF_z_OFRzULqVlnhuJrNq5uE2bgHiYRN5f1f-46AL5OBRlUlaYZ7czWTfh39JA&google_hm=UlVEUHF5a2dQcVB1ZG9oRmF6Z1M=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
290
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD67
Redirect Chain
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEC_rVkCS1vKZBw6x1ICNUeQ&google_cver=1&google_push=AehlK4AoSJZO5yA82LwmeiMDcQ6jgFSbWpeAn--15YQpbMIfN_pit8rhODkrvMvWP65zgh-NBA7lMVRsX9q6p...
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AoSJZO5yA82LwmeiMDcQ6jgFSbWpeAn--15YQpbMIfN_pit8rhODkrvMvWP65zgh-NBA7lMVRsX9q6pAQq1wgSQvviYOr2Q0v2hIFIcd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AoSJZO5yA82LwmeiMDcQ6jgFSbWpeAn--15YQpbMIfN_pit8rhODkrvMvWP65zgh-NBA7lMVRsX9q6pAQq1wgSQvviYOr2Q0v2hIFIcdGJ3eROLDpQ-aLhKvamuFtr5qZC6zoOxf56ZmsMmlDY9ng
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AoSJZO5yA82LwmeiMDcQ6jgFSbWpeAn--15YQpbMIfN_pit8rhODkrvMvWP65zgh-NBA7lMVRsX9q6pAQq1wgSQvviYOr2Q0v2hIFIcdGJ3eROLDpQ-aLhKvamuFtr5qZC6zoOxf56ZmsMmlDY9ng
Date
Mon, 22 Aug 2022 03:51:09 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame AD67 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEPTWiK4gH4QY_AgAiwAeE6w&google_cver=1&google_push=AehlK4AdO91rDuF85Zxsl8NtqD0BWIv9poNhpSZ8TD7L6Q0_CEFN7bwo4Z4PZLGFvr0pqbdESwJsqsV5ApS42nvh-h4F_pYKB_RarZT4yDtEhiIUGRma-Xd1vP2uX74RC1PRQ1IdR9CLYaq77lXR0TRVww
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AD67
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEI_ZzhxKfnEsG4JZJ8WFaow&google_cver=1&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMd...
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMO16WAmY72hN5ygbAc1TU2glnCyRPy5AbBP82OZw&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5Re...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=oxcyRwsggeh-5WA1Vd5c&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=oxcyRwsggeh-5WA1Vd5c&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMdc1UsgVLpMlypj_PndC2QmbNdC1ffaDXguMw6C0ElPkcZv2gnmhuU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Mon, 22 Aug 2022 03:51:11 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=oxcyRwsggeh-5WA1Vd5c&google_push=AehlK4BAE6ohOGl4k9g7xmUzSatyIrlTu1-OoGfTkEOF6gUZSr_RaJWVOUdR3H_CLqr4hm57-OF_fSfP_aq8VKjuT5ReQs6MXLh-ivMdc1UsgVLpMlypj_PndC2QmbNdC1ffaDXguMw6C0ElPkcZv2gnmhuU
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
281
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame AD67 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhmbGNCbyMiC2qRFA_0CLAZS2kIy3qatdtM0qK286ZqRKBTUbZ1UWvSTRZrP_fs17p7NeyvQ
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 6BD5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame D68B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
csi
csi.gstatic.com/ Frame B531 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7480yhd&c=7259849927365&slotId=3629924963682.5&qqid=CIKH-tvF2fkCFQKASwUd_MgODA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7370b68e0b418395bf4335bf6e1f209.js?tag=video_location/web_och
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.219.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gru14s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B531 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRt7fKv0CY4LKEYKArtoP_JG7YPrNhcJnl56xpL8QoJaA7JACEAEguoTAM2ClgICAkAGgAZzquPsDyAEJqQIAnYTDjxGnPuACAKgDAcgDywSqBOoCT9D35tOqKtsAmcgEqP3uvo-wPqXZ_ENxhG0hMAne9fYytqiaR_wtsf0GypzqnQkbM3uZdB2BR-CWoNBkociQX41DFqpnaYIVyUxOahzxbBCCWtdsS6tAJYCM4uxoxubJYzEbmmxg0K64QmI9Ei7A16mhqr1stjMl0T-HuIr4YxE8BxjkzXHVA3FprewOCdyz23gHVdAxMkBQW1iW6CPI6YUkOqmvul2w--aGYtwZewtBAom_jtZYNZqIcIk-7oDADt3C_aVhVpqtf7k0aqHRbevEKSWcxfk7bGw59Q6WYwJ0O--rfxMo1NqSQ2cHaPz3KVA9rbBYWvCrSFfoFFgrRiFUUF-QLdYs8Z4_TGdyjR2WMgqfrBhSVNIvPYydUAGbd2M_DKkzP7fjr-2z1Jz58VT_u-YKeDebg7WEWMdVeQQ4rCiNplSGp4-SzY0Ed0V3rQ5p0uKr2qMkgDVyu5GFNtyJ-JsFMa3OyorABK35vf78A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfMlccEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0IQM0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsBmAzKtdSL8gO4E6EE2BMO0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=2Fumam4FC7o&uach_m=[UACH]&template_id=545
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B8B8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
28167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 20:01:41 GMT
etag
48472445140208031
expires
Mon, 22 Aug 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B531 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1122028cbee3f3b4da51e736a5bc7e0265be4e3df5b91abffbbfd0a667e93272

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
videoplayback
rr1---sn-ntqe6n7k.googlevideo.com/ Frame B531 		460 KB
460 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-ntqe6n7k.googlevideo.com/videoplayback?expire=1661169066&ei=Kv0CY_uYPLPMpge6r4XoCg&ip=173.245.209.142&id=5e1b00dac4b81a72&itag=18&source=youtube&requiressl=yes&mh=-N&mm=31&mn=sn-ntqe6n7k&ms=au&mv=m&mvi=1&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1658659187640529&mt=1661139915&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKxuOxa2km-VM6A2eSZL0cOFsn7CuV91JYM8Y8YhmRudAiEAwfkZWCHqK8t78vCeqY9h1Ln-21CxsN0y5w-9iDzMtH0=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPgvWuIfVLy7bkcc6lhz3ijcceR98bTridYxQ8GdBc0RAiEA_g6cS3xT2Kjs4KeO8aStp10QpX3Kyw4CnSqwauGgAOk=&cpn=P3MZF86KnjSTf4Ea
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.28.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s07-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
1426378fc6dca28cbdd1d0c75221e662374f35d212525bebf6cea41164822533
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 22 Aug 2022 03:51:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 24 Jul 2022 10:39:47 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-470557/470558
Cache-Control
private, max-age=28497
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
470558
Expires
Mon, 22 Aug 2022 03:51:09 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B531 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 05:22:19 GMT
x-content-type-options
nosniff
age
253729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 05:22:19 GMT
csi
csi.gstatic.com/ Frame B531 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l7480yhq&c=7259849927365&slotId=3629924963682.5&qqid=CIKH-tvF2fkCFQKASwUd_MgODA&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F11ba241b9597ec96a8a9e01db4cce1e1.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7370b68e0b418395bf4335bf6e1f209.js?tag=video_location/web_och
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.219.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gru14s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B531 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l7480yjw&c=7259849927365&slotId=3629924963682.5&qqid=CIKH-tvF2fkCFQKASwUd_MgODA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fd7370b68e0b418395bf4335bf6e1f209.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7370b68e0b418395bf4335bf6e1f209.js?tag=video_location/web_och
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.219.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gru14s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 15A1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8146108124303731378&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8146108124303731378&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8146108124303731378&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 15A1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4640c6ad-7b04-7dc6-f38e-be5f7224a97e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a600e4e-96d4-4f57-a4f7-77818b1f684d&ttd_puid=4640c6ad-7b04-7dc6-f38e-be5f7224a97e&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a600e4e-96d4-4f57-a4f7-77818b1f684d&ttd_puid=4640c6ad-7b04-7dc6-f38e-be5f7224a97e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a600e4e-96d4-4f57-a4f7-77818b1f684d&ttd_puid=4640c6ad-7b04-7dc6-f38e-be5f7224a97e&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 15A1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwL9LcCo5uYAAO49YMUAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwL9LcCo5uYAAO49YMUAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
56
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":56,"gdpr":false,"ipv4":"173.245.209.142","key":"YwL9LcCo5uYAAO49YMUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad69"}
X-SO-Ads-Time
2
X-SO-Key
YwL9LcCo5uYAAO49YMUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad69
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwL9LcCo5uYAAO49YMUAAAAA
Cache-Control
private
X-SO-HostName
m-ad69.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
173.245.209.142
sd
jp-u.openx.net/w/1.0/ Frame 15A1
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5AiHJOugsNks8ADsaW3ae-Js8AAAGCw6z7WA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5AiHJOugsNks8ADsaW3ae-Js8AAAGCw6z7WA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5AiHJOugsNks8ADsaW3ae-Js8AAAGCw6z7WA
cache-control
no-cache
content-length
0
x-amz-cf-id
J3NyK-jeJwvu0SNaeSQnB9vgvwUR722ZeoJ0dfW-FJQnIXihEzQD7w==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 15A1 		170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmEyZjE1NjctYjI3My0yMzYyLWU2NmUtZTRlNmI4YzY2NzFl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 15A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFXbfy5rcz-JFw6t6YkYXg4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFXbfy5rcz-JFw6t6YkYXg4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFXbfy5rcz-JFw6t6YkYXg4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 390D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081801&jk=220821798207521&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E123 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=3634049988791698&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cframe.js
assets.a-mo.net/js/ Frame 58A7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.159.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
399
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
SYD62-P2
cf-ray
73e8a5fa88dc6a4b-SYD
x-amz-cf-id
P2nQPgbuPhAa8KZrWgePMZfHRXpWGS2LOlSXIdGVJAlxClPbAAHj_Q==
expires
Mon, 22 Aug 2022 04:51:09 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 72F6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-iraXlmReZFs9pK4p_MwTyP4mdyArLKqYgRzJrpJ0TdhoxelFNxuYV8GwBB6ud9qfXj6XNoLo-icXm3j3PIv8XcJNxjlczgcptx6xwmC4Z398-OZzCMbIL05Osz22DII0PHdE_9VkTovvpZkORaud-4ygdEx-NEXAF2Q5&sai=AMfl-YTJfGL-xvFDxeG8NZLHmEgj_SA2UBWtjFnJyExvsF1-pk_4IC-ItgzSXbcMYFsEfYkvmGTNQgGENRc6WZvpZfQPeOfOYMsTiIwvyCDLaP1ptuHfy_10MGhUxAAF&sig=Cg0ArKJSzBQEfYt9Wc_GEAE&cid=CAASFeRoWWoO1kXN9w0HbUnvt-uSadThKA&id=ampim&o=5,300&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1032&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&tfs=657&tls=1689&g=100&h=100&tt=1689&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2DF9 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b47d4544-7f2d-4e6c-8ce7-7ebc18825b2b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8B8
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDhBKVIPMqFQL7rncowZWuY&google_cver=1&google_push=AehlK4BbJvk5XzhUg9MEHVJSCOhAiAM31km-NvDNAmSh4PqfxXRP1-MT54UN2yTc4TWqMzGykgbIm6vKAcosGHiwgB6PscbL...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4BbJvk5XzhUg9MEHVJSCOhAiAM31km-NvDNAmSh4PqfxXRP1-MT54UN2yTc4TWqMzGykgbIm6vKAcosGHiwgB6PscbLfnkpKgjpPBtjwYX9PfJKn0O2bbnlqkyaiVIzT2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4BbJvk5XzhUg9MEHVJSCOhAiAM31km-NvDNAmSh4PqfxXRP1-MT54UN2yTc4TWqMzGykgbIm6vKAcosGHiwgB6PscbLfnkpKgjpPBtjwYX9PfJKn0O2bbnlqkyaiVIzT2oFPyaWqlHVUvTfXBhdCQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4BbJvk5XzhUg9MEHVJSCOhAiAM31km-NvDNAmSh4PqfxXRP1-MT54UN2yTc4TWqMzGykgbIm6vKAcosGHiwgB6PscbLfnkpKgjpPBtjwYX9PfJKn0O2bbnlqkyaiVIzT2oFPyaWqlHVUvTfXBhdCQ
Date
Mon, 22 Aug 2022 03:51:09 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B8B8
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKMELUrEljX...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ng...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKMELUrEljXhrv_1wEt4&google_hm=Ac1hqY8psvW7ks8ADsd_skkqFsA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4Ay0DQUQNlVWznCwMW4wP1Vau00_gjGO_1lmeKsvrcSyL2HchfxhX4ebq0gRqMF5BeSzyokiEnV8Fhepm3gT6HzfG71UhxsoXcVAn0GuzHid6Z-gMeiFk5Nc_IPuH4ngS-MKMELUrEljXhrv_1wEt4&google_hm=Ac1hqY8psvW7ks8ADsd_skkqFsA
cache-control
no-cache
content-length
0
x-amz-cf-id
aAqGCht97nplv1MdCs8prUO6unxssLSVr1A4BRX4aJJxbAqSlPHwNQ==
expires
-1
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B8B8 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENYYtHA-u0u04Q2PrRqr9X4&google_cver=1&google_push=AehlK4CSIUFCGTBPgku36VbJTBrnu65rs1ZLWyskd5EK5dCJvn0-IIuEeluXeL66UeL5LiSwdtyrVEovbD3eEepKoqQDfd0yEYNFbI-1LDxtjOJGRn-zWeakFiIHp-KEjcszC-QJ-M9nRn3ZKC3i4bsGMAE
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame B8B8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMbUOWsjBuRGmikmYrVGcIY&google_cver=1&google_push=AehlK4DSgCNcdYmC0b3jnp5yY9cesuxox9JwpNilQb_NYLHyM1QDwZPJhZOtvFllUn067JQsxodx8Uz0ClIsita6mDH6WlKms7CR7...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DSgCNcdYmC0b3jnp5yY9cesuxox9JwpNilQb_NYLHyM1QDwZPJhZOtvFllUn067JQsxodx8Uz0ClIsita6mDH6WlKms7CR7lGMfhBGfcdsB4BsPUdfsIhcZcfEhR03Lc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DSgCNcdYmC0b3jnp5yY9cesuxox9JwpNilQb_NYLHyM1QDwZPJhZOtvFllUn067JQsxodx8Uz0ClIsita6mDH6WlKms7CR7lGMfhBGfcdsB4BsPUdfsIhcZcfEhR03LcY6ymYtC7gpwU9Vo6giAdI&google_hm=mRZMkdKCxOgV-vLooT2TxA==
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DSgCNcdYmC0b3jnp5yY9cesuxox9JwpNilQb_NYLHyM1QDwZPJhZOtvFllUn067JQsxodx8Uz0ClIsita6mDH6WlKms7CR7lGMfhBGfcdsB4BsPUdfsIhcZcfEhR03LcY6ymYtC7gpwU9Vo6giAdI&google_hm=mRZMkdKCxOgV-vLooT2TxA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
at5btihbvfk6c892k5174kca5i9f5o6a
pixel
cm.g.doubleclick.net/ Frame B8B8
Redirect Chain
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEC_rVkCS1vKZBw6x1ICNUeQ&google_cver=1&google_push=AehlK4BVfd3Ad3353GrKLkTcLi2KIabWn87TNHc-ThEAj7kMqIeerrLyMc7BwgeT4HYyl4w3hiBTvHVzSNh-c...
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4BVfd3Ad3353GrKLkTcLi2KIabWn87TNHc-ThEAj7kMqIeerrLyMc7BwgeT4HYyl4w3hiBTvHVzSNh-cHJ-75ONXXO8UKWqVdgeB17vWs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4BVfd3Ad3353GrKLkTcLi2KIabWn87TNHc-ThEAj7kMqIeerrLyMc7BwgeT4HYyl4w3hiBTvHVzSNh-cHJ-75ONXXO8UKWqVdgeB17vWsiwt5L4raOVI3Gl196HQyxyAk31JvqnhlyTFQCkTkXhlys
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4BVfd3Ad3353GrKLkTcLi2KIabWn87TNHc-ThEAj7kMqIeerrLyMc7BwgeT4HYyl4w3hiBTvHVzSNh-cHJ-75ONXXO8UKWqVdgeB17vWsiwt5L4raOVI3Gl196HQyxyAk31JvqnhlyTFQCkTkXhlys
Date
Mon, 22 Aug 2022 03:51:09 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pub
cs.chocolateplatform.com/ Frame B8B8 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBLWlbOA0Wt1eLKg2zLOHgY&google_cver=1&google_push=AehlK4D8BWxHjjIqly6e2UgmfWIZKHkens3vkV2kAlMHZiE0hWh78CRzfQhTjd84LOGfubMLiV9N0lORffBkKE_biobairDNPHi32bdQGgUj7uJFSbMNLFy6_Fhv-lDbkIWcQIfcr71wGu1iEJ-HsnXPxA
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 -, , ASN (),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
server
Chocolate Cookie Sync Powered by Vdopia
pixel
cm.g.doubleclick.net/ Frame B8B8
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECw3qFutKKeefxlQVbOq18s&google_cver=1&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qz...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESECw3qFutKKeefxlQVbOq18s%26google_cver%3D1%26google_push%3DAehlK4DJ_MU51y6oAYdNzj...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A5235469453863541908&exchange=193&google_gid=CAESECw3qFutKKeefxlQVbOq18s&google_cver=1&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVq...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUyMzU0Njk0NTM4NjM1NDE5MDg&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUyMzU0Njk0NTM4NjM1NDE5MDg&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qzIw_80zs__LBNUgek4QD4KjIqyCfcmmLWcVB5GCYt4BVsPnDsAK3J_KMCb3sxEMjYGXnRFulmN9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTUyMzU0Njk0NTM4NjM1NDE5MDg&google_push=AehlK4DJ_MU51y6oAYdNzjcL8p_pV7JJdOCjkfcC7NxlkLuOiDVqfUr0xkFaDzVTpSLTbYq6lm-Yo6qzIw_80zs__LBNUgek4QD4KjIqyCfcmmLWcVB5GCYt4BVsPnDsAK3J_KMCb3sxEMjYGXnRFulmN9A
Date
Mon, 22 Aug 2022 03:51:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B8B8 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbF4Y45wVlZO1XjPOXfaLfA-BAURUJE4jCEfsKXphTasxCUlIjCisCOIKqzZMWDdbHLTi6Hw
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 6BD5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?51Aevg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D68B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Yv_McA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
smtr
contextual.media.net/ Frame 7417 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=HARMONY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&kwrf=https%3A%2F%2Fadx.holmesmind.com&nse=5&vi=1661140268714200095&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44BBNeq4x&bcpf=B44BBNeq8fOnRrolnfOur84x&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p11634102580t202208220351&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
572889b0e72056d44be4fcb5e851c27590aba1cb763fcff2d90f98dd9f9088bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-9qfq
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33578
x-sc-w
22-vt9k
bping.php
lg3.media.net/ Frame 7417 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=557&&vgd_cdv=781&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1661140268714200095&ugd=4&lf=6&kwrf=https%3A%2F%2Fadx.holmesmind.com&cc=AU&sc=NSW&lper=100&wsip=2886781337&r=1661140269111&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1661140268191794084&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p11634102580t202208220351&vgd_pgids=1&vgd_uspa=0&hvsid=00001661140269108029185683349539&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 22 Aug 2022 03:51:09 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=41322
content-length
15
checksync.php
contextual.media.net/ Frame 0240 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=119264
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 03:51:09 GMT
expires
Tue, 23 Aug 2022 12:58:53 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 7417 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4428&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=Dnj0fD-qtk2KaPKTWwC09Q&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.9962764E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=39.0&adj0=0.0&tmax=300&s_ip=74.125.190.152&adj2=0.0&adj1=0.0&feedback_id=Dnj0fD-qtk2KaPKTWwC09Q&adtypes=0&mx_aabpc=0&reqid=Dnj0fD-qtk2KaPKTWwC09Q&sc=AU-NSW&sd=1&mowxReqId=b9000a01cb4749d981266d91c9c05480_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1661140267089&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-35-19&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=b9000a01cb4749d981266d91c9c05480&actltime=50&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.015&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESENX81d_HESuJtqqxeXy-hWE&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661140867343&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.015&pvdTmax=255&ltime=49.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=17135287233592_794619512_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=53&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-7w7sz&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-22+03%3A51%3A07&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET4f9PS29ohJvoZjSFi0yEIO49FU-FGamXTv8BK1LtnQZKA9OC10REc1AjFKxTxoXSdX&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-dfpz6.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D522~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082120~iurl_b%3D60753.34~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.16~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D8%2C8~et%3D18~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082122~vis_b%3D116.08~url_b%3D0.02~url_tvi%3D1844~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw43gPVXibY9RDw8~btd%3D15749759548417329365875974534286979634049254885811154498233912421391106466713604~d2p_l%3D70~3pcf%3D1.3~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.92~vurl_b%3D0.1~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D18.06~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.24~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.2~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.015%7Edmm%3Dharmony%7Esuid%3DCAESENX81d_HESuJtqqxeXy-hWE%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9962764E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=2041&sf=0&cpr=0.11307256457019643
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Mon, 22 Aug 2022 09:51:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D6E6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
28168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 20:01:41 GMT
etag
48472445140208031
expires
Mon, 22 Aug 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7417 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca67579e781089845e02e5ae6dcc854f3d69f4ddcbd493c3ef535aebae5968f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B531 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCr7mKv0CY4LKEYKArtoP_JG7YPrNhcJnl56xpL8QoJaA7JACEAEguoTAM2ClgICAkAGgAZzquPsDyAEJqQIAnYTDjxGnPuACAKgDAcgDywSqBO0CT9D35tOqKtsAmcgEqP3uvo-wPqXZ_ENxhG0hMAne9fYytqiaR_wtsf0GypzqnQkbM3uZdB2BR-CWoNBkociQX41DFqpnaYIVyUxOahzxbBCCWtdsS6tAJYCM4uxoxubJYzEbmmxg0K64QmI9Ei7A16mhqr1stjMl0T-HuIr4YxE8BxjkzXHVA3FprewOCdyz23gHVdAxMkBQW1iW6CPI6YUkOqmvul2w--aGYtwZewtBAom_jtZYNZqIcIk-7oDADt3C_aVhVpqtf7k0aqHRbevEKSWcxfk7bGw59Q6WYwJ0O--rfxMo1NqSQ2cHaPz3KVA9rbBYWvCrSFfoFFgrRiFUUF-QLdYs8Z4_TGdyjR2WMgqfrBhSVNIvPYydUAGbd2M_DKkzP7fjr-2z1Jz58Rb9inThl4HvQgOP_1UC3ZYpY5WRaMHcuoUEx6Mcnp3Z2c_9T_eHwnPzJSm8JF2SG8QfRRFSlb8UUAEzEYnABK35vf78A-AEAaAGLoAHzJXHBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCxCfrZKnxGS_NOgAoDigqnAWh0dHBzOi8vYWQuYXRkbXQuY29tL3MvZ287YWR2PTExMTgyMjA5MzcyMDk0O2VjPTExMTgyMjA5NDQwODM4O2MuYT0xNTQ5NzMyNTA0MDtzLmE9Z29vZ2xlO3AuYT0xNTQ5NzMyNTA0MDthcy5hPTEzMzcwNTMwODg3NDtxcGI9MTs_Ymlka3c9ZGVmYXVsdGtleXdvcmQmZHZjPWMmaD17bHB1cmx9mAsByAsB4AsBgAwBmAzKtdSL8gO4DAG4E6EE2BMO0BUBmBYB-BYBgBcB&sigh=J2Cbxbfhbbc&cid=CAQSPACsnQUxihszpYjk0GMm7gtn2TfN1tg-F7a3K1MId5TqxZJV68scmZ4Y4Uiv5che3brqvKqkyM-0RzRfWg&label=adresume
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yahoo
prebid.a-mo.net/setuid/ Frame 58A7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:09 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync
id.a-mx.com/ Frame 58A7 		0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.253 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEddJsWrPRGH5ASmv78q%2BGZNJpF%2FTpjzWDvY4bL%2FoR3I22Gpf8kv%2FZvGJq6bipYPoXJd2CgcU85zIXVgrK3wX5YdG%2F3EGAupYF%2B7xhPQiOqMC%2Bs51HrQrGSg3uknFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
73e8a5fca942a82b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
magnite
prebid.a-mo.net/setuid/ Frame 58A7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L7480UET-18-BG0B&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
cookie
cm.adform.net/ Frame 58A7 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame 58A7
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%...
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=smartadserver&uid=3775013826742675334
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=smartadserver&uid=3775013826742675334
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=smartadserver&uid=3775013826742675334
date
Mon, 22 Aug 2022 03:51:09 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 58A7
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc3NzEwMUYtNzc2NS00QjBDLThGQjUtMUMzMDY3OEIyQzIz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dpubmatic%26uid%3D3777101F-7765-4B0C-8FB5-1C3...
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=pubmatic&uid=3777101F-7765-4B0C-8FB5-1C30678B2C23
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=pubmatic&uid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=pubmatic&uid=3777101F-7765-4B0C-8FB5-1C30678B2C23
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 58A7
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_priva...
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=index_rtb&uid=YwL9Lfw24S4I4MKePM2kEQAA%26261
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=index_rtb&uid=YwL9Lfw24S4I4MKePM2kEQAA%26261
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVeGZGagL%2BNFPFvRYVwT8BSTptUxQFoD36ZOCVqFLGy2RZDzxqgUMG7%2F7k23cUEqvgXD%2FbBBaHs6d4DhxaIPH6yR0F2bUYZDqz9uhZ%2Bh9fUj0%2Be%2B6tjFKzzu0qLO3x1qtUMsWDRy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=index_rtb&uid=YwL9Lfw24S4I4MKePM2kEQAA%26261
cache-control
no-cache
cf-ray
73e8a5fefb83a974-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 58A7
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=sovrn&uid=FL7nELZHx1aT96D3TVamStyy
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=sovrn&uid=FL7nELZHx1aT96D3TVamStyy
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=sovrn&uid=FL7nELZHx1aT96D3TVamStyy
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 58A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=appnexus&uid=743498007902742434
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=appnexus&uid=743498007902742434
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
03329115-d5ec-4d47-b7c9-81ffc0d9fba0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=appnexus&uid=743498007902742434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 58A7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f0bd6472-3bb1-44cb-9a82-e163071598c0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 58A7 		86 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
content-length
86
content-type
image/png
setuid
pbs.aniview.com/ Frame 58A7 		86 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.aniview.com/setuid?bidder=amx&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.201.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0
setuid
prebid-server.rubiconproject.com/ Frame 58A7 		86 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0
xuid
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0a600e4e-96d4-4f57-a4f7-77818b1f684d&dongle=0cfd
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0a600e4e-96d4-4f57-a4f7-77818b1f684d&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=0a600e4e-96d4-4f57-a4f7-77818b1f684d&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjIwMjg1MDU3OTEzMzk4NzEyMQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECQjX9_mK1BRmB6gVA1qm94&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECQjX9_mK1BRmB6gVA1qm94&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECQjX9_mK1BRmB6gVA1qm94&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3B34
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjIwMjg1MDU3OTEzMzk4NzEyMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjIwMjg1MDU3OTEzMzk4NzEyMQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjIwMjg1MDU3OTEzMzk4NzEyMQ%3D%3D
date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 3B34
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6202850579133987121&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6202850579133987121&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=92782178-f6df-422b-8aa9-18da9346a5d4&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=92782178-f6df-422b-8aa9-18da9346a5d4&_noobservation=1&_expected_cookie=90b59c0...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=92782178-f6df-422b-8aa9-18da9346a5d4&_noobservation=1&_expected_cookie=90b59c06050d1de568498ed9d6269078
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.102.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73e8a603da506a5a-SYD
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=92782178-f6df-422b-8aa9-18da9346a5d4&_noobservation=1&_expected_cookie=90b59c06050d1de568498ed9d6269078
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73e8a60288a96a5a-SYD
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=6202850579133987121&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=6202850579133987121&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf841d67-8696-44ac-9943-2f52cda65d01&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ff6545ae-426f-4d00-9b6d-b32eae13e378&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
0
0
c.gif
c.bing.com/ Frame 3B34 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=6202850579133987121&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5C55F56FD3D14ADD9CDD221951DF99BE Ref B: SYD03EDGE1512 Ref C: 2022-08-22T03:51:09Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/6202850579133987121?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-4MgSoKFE2oSxRzgeNwthU0ViP_bWMBNz.ooFvo.gBQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-4MgSoKFE2oSxRzgeNwthU0ViP_bWMBNz.ooFvo.gBQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 22 Aug 2022 03:51:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-4MgSoKFE2oSxRzgeNwthU0ViP_bWMBNz.ooFvo.gBQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 3B34
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=6202850579133987121
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=6202850579133987121&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=6202850579133987121&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BV0Z3Y6EMHCRF8VPF417
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=6202850579133987121&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3B34
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ow3MlYN6133EmVaHRa-Q&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N53TGTLMLFHDM...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ow3MlYN6133EmVaHRa-Q
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ow3MlYN6133EmVaHRa-Q
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ow3MlYN6133EmVaHRa-Q
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame E22D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
smtr
contextual.media.net/ Frame 3000 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&kwrf=https%3A%2F%2Fadx.holmesmind.com&nse=5&vi=1661140268112087943&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44BBNeq4x&bcpf=B44B8fOnRrolnfOur8BNeq4x&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p11634102580t202208220351&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb8a5311074ac975aa958800bbd6407df02f96a7f055b5cedea39d23b7226079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-bhb7
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33571
x-sc-w
22-n4xr
bping.php
lg3.media.net/ Frame 3000 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=557&&vgd_cdv=781&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1661140268112087943&ugd=4&lf=6&kwrf=https%3A%2F%2Fadx.holmesmind.com&cc=AU&sc=NSW&lper=100&wsip=2886781337&r=1661140269354&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1661140268176460361&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p11634102580t202208220351&vgd_pgids=1&vgd_uspa=0&hvsid=00001661140269351029185683342706&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 22 Aug 2022 03:51:09 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=41322
content-length
15
checksync.php
contextual.media.net/ Frame 6239 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=119264
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 03:51:09 GMT
expires
Tue, 23 Aug 2022 12:58:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 3000 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4487&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=j4Cpgfn6wyWR879oiFdniw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.9962764E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=24.0&adj0=0.0&tmax=300&s_ip=74.125.190.27&adj2=0.0&adj1=0.0&feedback_id=j4Cpgfn6wyWR879oiFdniw&adtypes=0&mx_aabpc=0&reqid=j4Cpgfn6wyWR879oiFdniw&sc=AU-NSW&sd=1&mowxReqId=a7200ee529094df29e900f205f80fca8_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1661140267145&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-35-6&coppa_enf=true&bdp=0.020&ct=Sydney&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=a7200ee529094df29e900f205f80fca8&actltime=29&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEFrwMBoTGD8txJ8nBHtOA0Q&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661140867400&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=255&ltime=28.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=22788394563487_1341944493_52982010413131&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=34&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-9plnn&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-22+03%3A51%3A07&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7KM_vBsud4ytQ_ChQSZ-5oXYEnPjv9OIskObeUNZJbIKbUd-GrQ95qxqNC9duOynQ8&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-9xxtf.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D522~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082120~iurl_b%3D60753.34~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.16~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D8%2C8~et%3D10~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082122~vis_b%3D116.08~url_b%3D0.02~url_tvi%3D1844~smm_wr%3D38.5892~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082120~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw4bcNz6TasQ6TDR~btd%3D75035309251726826100623876286673023079245953101016549909383927477827337721286656~d2p_l%3D70~3pcf%3D1.3~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.92~ogd2p_b%3D0.92~vurl_b%3D0.1~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D18.06~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.24~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.2~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEFrwMBoTGD8txJ8nBHtOA0Q%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9962764E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=2207&sf=0&cpr=0.01905106544701618
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Mon, 22 Aug 2022 09:51:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E237 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
28168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 20:01:41 GMT
etag
48472445140208031
expires
Mon, 22 Aug 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3000 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd0664c5916dc02a70d2be53a65af5b45e545c59936801c6b33b64bb4b6d424a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sync
gum.criteo.com/ Frame 19A5 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1488
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 3BD5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Aug 2022 03:51:10 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 22 Aug 2022 03:51:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 6422
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Drkt%26refUrl%3D%26vid%3D114026943730414186868334460...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=rkt&refUrl=&vid=11402694373041418686833446000V10&ovsid=2018808911873235956
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=rkt&refUrl=&vid=11402694373041418686833446000V10&ovsid=2018808911873235956
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 22 Aug 2022 03:51:11 GMT
expires
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 22 Aug 2022 03:51:10 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=rkt&refUrl=&vid=11402694373041418686833446000V10&ovsid=2018808911873235956
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7427 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34742
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 03:51:10 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 13:30:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dapx%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=apx&refUrl=&vid=11402694373041418686833446000V10&ovsid=743498007902742434
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=apx&refUrl=&vid=11402694373041418686833446000V10&ovsid=743498007902742434
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:10 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
833d16db-1c06-467b-bf0c-3ced94672061
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=apx&refUrl=&vid=11402694373041418686833446000V10&ovsid=743498007902742434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3041418686833446...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=opx&refUrl=&vid=11402694373041418686833446000V10&ovsid=8e6caf32-d004-4726-90c1-c031c0cb3ba2
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=opx&refUrl=&vid=11402694373041418686833446000V10&ovsid=8e6caf32-d004-4726-90c1-c031c0cb3ba2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:09 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:09 GMT

Redirect headers

date
Mon, 22 Aug 2022 03:51:09 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3041418686833446000V10&type=opx&refUrl=&vid=11402694373041418686833446000V10&ovsid=8e6caf32-d004-4726-90c1-c031c0cb3ba2
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%26refUrl%3D%26vid%3D11402694373041418686...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%26refUrl%3D%26vid%3D11402694373041...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=669392078
  • https://sync.1rx.io/usersync/tradedesk/0a600e4e-96d4-4f57-a4f7-77818b1f684d
  • https://sync.targeting.unrulymedia.com/csync/RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:11 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcd9972777d4b4a8bb3ec17693c5fdcac004
content-type
text/html
cksync
cs.media.net/ Frame 19A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0MTQxODY4NjgzMzQ0NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11402694373041418686833...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11402694373041418...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=dxu&refUrl=&vid=11402694373041418686833446000V10&ovsid=xraEYFtU1OpYt05
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=dxu&refUrl=&vid=11402694373041418686833446000V10&ovsid=xraEYFtU1OpYt05
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:10 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0ba97292cfef13069@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=dxu&refUrl=&vid=11402694373041418686833446000V10&ovsid=xraEYFtU1OpYt05
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=db2de2ca-e437-4e0f-a676-6495489bc2cf
45 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=db2de2ca-e437-4e0f-a676-6495489bc2cf
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=db2de2ca-e437-4e0f-a676-6495489bc2cf
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1735740
content-length
0
expires
Mon, 22 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378&google_hm=ZmY2NTQ1YWUtNDI2Zi00ZDAwLTliNmQtYjMyZWFlMTNlMzc4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDnMk2MEjwhI497kKFcoGi8&google_cver=1&ssp=medianet&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:11 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 22 Aug 2022 03:51:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dzem%26refUrl%3D%26vid%3D11402694373041418686833446...
  • https://stags.bluekai.com/site/23178?id=sQya3yDPV94ektUWEjY_&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLTKF4WCM3ZIRIFMOJUMVVXIVKXIVVFS...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=sQya3yDPV94ektUWEjY_&refUrl=&type=zem&vid=11402694373041418686833446000V10&vsid=3041418686833446000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=sQya3yDPV94ektUWEjY_&refUrl=&type=zem&vid=11402694373041418686833446000V10&vsid=3041418686833446000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:11 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=sQya3yDPV94ektUWEjY_&refUrl=&type=zem&vid=11402694373041418686833446000V10&vsid=3041418686833446000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 19A5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3041418686833446000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3041418686833446000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3d16715a-567b-45dd-b28a-30f7f5638b6d&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=3d16715a-567b-45dd-b28a-30f7f5638b6d&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:11 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=3d16715a-567b-45dd-b28a-30f7f5638b6d&cs=1
Date
Mon, 22 Aug 2022 03:51:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 19A5 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Demx%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.112.134 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 19A5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usync.js
eus.rubiconproject.com/ Frame 9FEB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48394
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Mon, 22 Aug 2022 17:17:43 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D6E6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGQDQTw1pdLQJ5iTzjfKCeA&google_cver=1&google_push=AehlK4CxmXmtnLBiQojwbSmMhxAtanZkj6f72WSAdQeHELnzvUsJQ78fMhC9130o4bxPRn3yXT55u6ssi4pfcLody7rZyGUyz0T7
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE5NzIxNjE4MzI4ODYwNTM2Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxGZjGRSaZDPTuULeheD70&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxGZjGRSaZDPTuULeheD70&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxGZjGRSaZDPTuULeheD70&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame D6E6 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEFk30xtkogYN64pG2nv-r4&google_cver=1&google_push=AehlK4Ap4NrUlJabdDSG9kVNcfo6DUDpCVleKJ4Zs_ZWMRLsJTB9N3qO6lyzObCcXpCiFGoDXyoiiOzF8BcoQn-1Yszhlb2j6-jEOw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D6E6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBifjLJK98l-y6fAew4E-I&google_push=AehlK4Bkb1Bq04fl_p_yrsrzv7qbvyxGP8Xo_i9hLjLTvK8FHbS5HKP3b5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBifjLJK98l-y6fAew4E-I&google_push=AehlK4Bkb1Bq04fl_p_yrsrzv7qbvyxGP8Xo_i9hLjLTvK8FHbS5HKP3b5hTJHV1YxexaYmdZTIZcMTcTHx6QAQOqQVKH8f9OWyXww
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1661140270.733961,VS0,VE217
x-served-by
cache-syd10148-SYD
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBifjLJK98l-y6fAew4E-I&google_push=AehlK4Bkb1Bq04fl_p_yrsrzv7qbvyxGP8Xo_i9hLjLTvK8FHbS5HKP3b5hTJHV1YxexaYmdZTIZcMTcTHx6QAQOqQVKH8f9OWyXww
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D6E6
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAJpP3L3NaLdj-Y7g4nqfHg&google_cver=1&google_push=AehlK4BwibYT-cw7YMTLEy21rjjbJ21SAuH3Qe1nWvgFKSfH9ienp3ngd3dhpLuomPMRrlDqOwkqPVpGqypI411kWRduWHic6xYnxA
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDk1REI3OTZDMEE5NDQ1OA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDk1REI3OTZDMEE5NDQ1OA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDk1REI3OTZDMEE5NDQ1OA==
date
Mon, 22 Aug 2022 03:51:10 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame D6E6
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENX54z6DjN43fge-_npYpZQ&google_cver=1&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNB...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENX54z6DjN43fge-_npYpZQ&google_cver=1&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNB...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNBRYEC9MvdyUANt79RohYg&google_hm=MDUwMzAwMDFfNjMwM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNBRYEC9MvdyUANt79RohYg&google_hm=MDUwMzAwMDFfNjMwMmZkMmU5YTMwNQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 Aug 2022 03:51:11 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Awdxp912VO-_ypNWhHIP-9FYW6fUtRNwQ2wbrARSxj15GSBeSNEq02p-2c_ikbza4LiInbrOMhNBRYEC9MvdyUANt79RohYg&google_hm=MDUwMzAwMDFfNjMwMmZkMmU5YTMwNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
adx_sync
ad.audience73.com/ Frame D6E6 		0
0
pixel
cm.g.doubleclick.net/ Frame D6E6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECf8F_hLnzM1WrHCCQoK5TA&google_cver=1&google_push=AehlK4BqZPp7FwaTplsiBcWnm6Lya4Px3-gbe7ZfJXHD01xPW3dcIxre4LzuVT3x9M2dFQSNKGA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==&google_push=AehlK4BqZPp7FwaTplsiBcWnm6Lya4Px3-gbe7ZfJXHD01xPW3dcIxre4LzuVT3x9M2dFQSNKGAjwjczFniixAWC1yxPVF3PXVNFPg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==&google_push=AehlK4BqZPp7FwaTplsiBcWnm6Lya4Px3-gbe7ZfJXHD01xPW3dcIxre4LzuVT3x9M2dFQSNKGAjwjczFniixAWC1yxPVF3PXVNFPg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==&google_push=AehlK4BqZPp7FwaTplsiBcWnm6Lya4Px3-gbe7ZfJXHD01xPW3dcIxre4LzuVT3x9M2dFQSNKGAjwjczFniixAWC1yxPVF3PXVNFPg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame D6E6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqNz5SBa1KK44Y_5HQz2KmIOL5COty2GEJoHlvmPqbkdkQsO1OrfoEgmEcrhyjUPPdqZBl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 6B43 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: 22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
URL: https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B531 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCr7mKv0CY4LKEYKArtoP_JG7YPrNhcJnl56xpL8QoJaA7JACEAEguoTAM2ClgICAkAGgAZzquPsDyAEJqQIAnYTDjxGnPuACAKgDAcgDywSqBO0CT9D35tOqKtsAmcgEqP3uvo-wPqXZ_ENxhG0hMAne9fYytqiaR_wtsf0GypzqnQkbM3uZdB2BR-CWoNBkociQX41DFqpnaYIVyUxOahzxbBCCWtdsS6tAJYCM4uxoxubJYzEbmmxg0K64QmI9Ei7A16mhqr1stjMl0T-HuIr4YxE8BxjkzXHVA3FprewOCdyz23gHVdAxMkBQW1iW6CPI6YUkOqmvul2w--aGYtwZewtBAom_jtZYNZqIcIk-7oDADt3C_aVhVpqtf7k0aqHRbevEKSWcxfk7bGw59Q6WYwJ0O--rfxMo1NqSQ2cHaPz3KVA9rbBYWvCrSFfoFFgrRiFUUF-QLdYs8Z4_TGdyjR2WMgqfrBhSVNIvPYydUAGbd2M_DKkzP7fjr-2z1Jz58Rb9inThl4HvQgOP_1UC3ZYpY5WRaMHcuoUEx6Mcnp3Z2c_9T_eHwnPzJSm8JF2SG8QfRRFSlb8UUAEzEYnABK35vf78A-AEAaAGLoAHzJXHBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCxCfrZKnxGS_NOgAoDigqnAWh0dHBzOi8vYWQuYXRkbXQuY29tL3MvZ287YWR2PTExMTgyMjA5MzcyMDk0O2VjPTExMTgyMjA5NDQwODM4O2MuYT0xNTQ5NzMyNTA0MDtzLmE9Z29vZ2xlO3AuYT0xNTQ5NzMyNTA0MDthcy5hPTEzMzcwNTMwODg3NDtxcGI9MTs_Ymlka3c9ZGVmYXVsdGtleXdvcmQmZHZjPWMmaD17bHB1cmx9mAsByAsB4AsBgAwBmAzKtdSL8gO4DAG4E6EE2BMO0BUBmBYB-BYBgBcB&sigh=J2Cbxbfhbbc&cid=CAQSPACsnQUxihszpYjk0GMm7gtn2TfN1tg-F7a3K1MId5TqxZJV68scmZ4Y4Uiv5che3brqvKqkyM-0RzRfWg&label=part2viewed
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0240
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync
cs.media.net/ Frame 0240
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MTQxODY5NjgzMzQ2OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEDrFxNd3Klm2WPg_pZOCVg&google_cver=1&google_push=AehlK4DR8cUuRCMaDDcU6y1LmBBw4vz_-UVdohHkJYs1_ZSLc6Cbt8vVrY-Su7fxoH7Uf8wBs9rzWkEKiGG0kNuy...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DR8cUuRCMaDDcU6y1LmBBw4vz_-UVdohHkJYs1_ZSLc6Cbt8vVrY-Su7fxoH7Uf8wBs9rzWkEKiGG0kNuy4lrh3_hNYOTpatvrZK_x3oHEpkmZhe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DR8cUuRCMaDDcU6y1LmBBw4vz_-UVdohHkJYs1_ZSLc6Cbt8vVrY-Su7fxoH7Uf8wBs9rzWkEKiGG0kNuy4lrh3_hNYOTpatvrZK_x3oHEpkmZheqSrnOUheHz5k4lJP3y0ngBx0E
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DR8cUuRCMaDDcU6y1LmBBw4vz_-UVdohHkJYs1_ZSLc6Cbt8vVrY-Su7fxoH7Uf8wBs9rzWkEKiGG0kNuy4lrh3_hNYOTpatvrZK_x3oHEpkmZheqSrnOUheHz5k4lJP3y0ngBx0E
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Aug 2022 03:51:09 GMT
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEEN4qjJPNchR0Zyx0Pyw1mA&google_cver=1&google_push=AehlK4BSWVjtX6b10LbV8YLU221BSLmMETvHC3ul3tbG_wcQzVJBzT7LOwjJrKc6SFzNcfiT1JUD5ln4Zx...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4BSWVjtX6b10LbV8YLU221BSLmMETvHC3ul3tbG_wcQzVJBzT7LOwjJrKc6SFzNcfiT1JUD5ln4ZxG4gupYIbogRAyDQD0xBFgV3_aIQwNgBFwlCPu3xwKv6b6byk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4BSWVjtX6b10LbV8YLU221BSLmMETvHC3ul3tbG_wcQzVJBzT7LOwjJrKc6SFzNcfiT1JUD5ln4ZxG4gupYIbogRAyDQD0xBFgV3_aIQwNgBFwlCPu3xwKv6b6bykHdFG5VQPzmO30&google_hm=d1RtY29oYXZoc1c3QTNhcS14WVM1SFJoS2lR&from_google=pc1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4BSWVjtX6b10LbV8YLU221BSLmMETvHC3ul3tbG_wcQzVJBzT7LOwjJrKc6SFzNcfiT1JUD5ln4ZxG4gupYIbogRAyDQD0xBFgV3_aIQwNgBFwlCPu3xwKv6b6bykHdFG5VQPzmO30&google_hm=d1RtY29oYXZoc1c3QTNhcS14WVM1SFJoS2lR&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELNc4LBQmEcCfnmyKZvFKtk&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDA2ZjQ3ZTQtNDdmOS00MmU3LWJiMjgtZmM5MWM5MmUyMWIw&google_gid=CAESELNc4LBQmEcCfnmyKZvFKtk&google_cver=1&google_push=AehlK4BB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDA2ZjQ3ZTQtNDdmOS00MmU3LWJiMjgtZmM5MWM5MmUyMWIw&google_gid=CAESELNc4LBQmEcCfnmyKZvFKtk&google_cver=1&google_push=AehlK4BBsXT_XWhASG3_WWlx2vecxsZ2_nQm_eOy7SimX24vf1ZpcXbzgt2KoHnJ0NjIOdyW_WXRiymoVXWSiaUxZ4RyR9iTXxRbn0UbjbBlLmwR8v48sjayAzUNUK3rl4-A0ImWCSGxdDI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDA2ZjQ3ZTQtNDdmOS00MmU3LWJiMjgtZmM5MWM5MmUyMWIw&google_gid=CAESELNc4LBQmEcCfnmyKZvFKtk&google_cver=1&google_push=AehlK4BBsXT_XWhASG3_WWlx2vecxsZ2_nQm_eOy7SimX24vf1ZpcXbzgt2KoHnJ0NjIOdyW_WXRiymoVXWSiaUxZ4RyR9iTXxRbn0UbjbBlLmwR8v48sjayAzUNUK3rl4-A0ImWCSGxdDI
date
Mon, 22 Aug 2022 03:51:10 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDskhYMxTHYa-rVIcmcYXcg&google_cver=1&google_push=AehlK4AxpTOJOLDlP7VN6iRbxXD420NPptytbKAj45s0pNZW9n3f76XE2362FQ03J6Qdbm-NklWs7jcZCA_EF1ZD0hckStf0w_KFG...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AxpTOJOLDlP7VN6iRbxXD420NPptytbKAj45s0pNZW9n3f76XE2362FQ03J6Qdbm-NklWs7jcZCA_EF1ZD0hckStf0w_KFGNur0Y8NlqrZvjGJqhm63v7RfQZGyaoAT8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AxpTOJOLDlP7VN6iRbxXD420NPptytbKAj45s0pNZW9n3f76XE2362FQ03J6Qdbm-NklWs7jcZCA_EF1ZD0hckStf0w_KFGNur0Y8NlqrZvjGJqhm63v7RfQZGyaoAT8fBKFZJqu8&google_hm=mRZMkdKCxOgV-vLooT2TxA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AxpTOJOLDlP7VN6iRbxXD420NPptytbKAj45s0pNZW9n3f76XE2362FQ03J6Qdbm-NklWs7jcZCA_EF1ZD0hckStf0w_KFGNur0Y8NlqrZvjGJqhm63v7RfQZGyaoAT8fBKFZJqu8&google_hm=mRZMkdKCxOgV-vLooT2TxA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
o6tajeuo9j5g9f1daef06ae6e8uv5ued
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEF_tCdwCjDZR_S1_8LaDaso&google_cver=1&google_push=AehlK4AdFk_SqNmwbbJ0SypqhVRpLOrLka7V-F7F9Mx8Qzu7ekHZqS5UemI5TgzTJ2bhlzt1upzTspRiXWoqZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AdFk_SqNmwbbJ0SypqhVRpLOrLka7V-F7F9Mx8Qzu7ekHZqS5UemI5TgzTJ2bhlzt1upzTspRiXWoqZiXLKxwFaeBAapYV4p5bQb9wzS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AdFk_SqNmwbbJ0SypqhVRpLOrLka7V-F7F9Mx8Qzu7ekHZqS5UemI5TgzTJ2bhlzt1upzTspRiXWoqZiXLKxwFaeBAapYV4p5bQb9wzSoScpeAfHnJXEOqrscioWZJx-M6rehJQjg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AehlK4AdFk_SqNmwbbJ0SypqhVRpLOrLka7V-F7F9Mx8Qzu7ekHZqS5UemI5TgzTJ2bhlzt1upzTspRiXWoqZiXLKxwFaeBAapYV4p5bQb9wzSoScpeAfHnJXEOqrscioWZJx-M6rehJQjg
Date
Mon, 22 Aug 2022 03:51:09 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJpzvSHP-ll6_n8dj8fIzNM&google_cver=1&google_push=AehlK4DbdhjvDlR5PPC2f-1arMLyZM_Hwfv_Zli7_MfCAcUcTepZvkTpAdmlbvNKOPZCfdxI0i94-i...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DbdhjvDlR5PPC2f-1arMLyZM_Hwfv_Zli7_MfCAcUcTepZvkTpAdmlbvNKOPZCfdxI0i94-iMyDkdb8lOjbez4KiUvHInIkgjlSFZOdOlJTjpTnS7PR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DbdhjvDlR5PPC2f-1arMLyZM_Hwfv_Zli7_MfCAcUcTepZvkTpAdmlbvNKOPZCfdxI0i94-iMyDkdb8lOjbez4KiUvHInIkgjlSFZOdOlJTjpTnS7PRLCqc-rMqvkTeh89CSqhUUw&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DbdhjvDlR5PPC2f-1arMLyZM_Hwfv_Zli7_MfCAcUcTepZvkTpAdmlbvNKOPZCfdxI0i94-iMyDkdb8lOjbez4KiUvHInIkgjlSFZOdOlJTjpTnS7PRLCqc-rMqvkTeh89CSqhUUw&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng%3D%3D
date
Mon, 22 Aug 2022 03:51:09 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E237
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEcHUAOHzWYZGUPpeik_xu4&google_cver=1&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBXK_RNpwfo63ZezY090iGbhRaHDe-gz0giuKHHXMIac5KDg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBXK_RNpwfo63ZezY090iGbhRaHDe-gz0giuKHHXMIac5KDgnPLneAe3Z8hOKNO4WPLg&google_hm=WXdMOUxjQ281dVlBQU80OVlUUUFBQUFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
7
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEEcHUAOHzWYZGUPpeik_xu4&google_cver=1&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBXK_RNpwfo63ZezY090iGbhRaHDe-gz0giuKHHXMIac5KDgnPLneAe3Z8hOKNO4WPLg","cluster_id":7,"gdpr":false,"ipv4":"173.245.209.142","key":"YwL9LcCo5uYAAO49YTQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40145"}
X-SO-Ads-Time
3
X-SO-Key
YwL9LcCo5uYAAO49YTQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40145
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B0kHivZp6l--8eota6VTorGCJfVOqgeT-GUnowsgsfelkFMqZkT7oLHQWZEh8SO_PlfuVBXK_RNpwfo63ZezY090iGbhRaHDe-gz0giuKHHXMIac5KDgnPLneAe3Z8hOKNO4WPLg&google_hm=WXdMOUxjQ281dVlBQU80OVlUUUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40145.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
173.245.209.142
attr
cm.g.doubleclick.net/pixel/ Frame E237 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0JJfDblH6dmMasHeYv86OmhgCm2MLJIDrAcnnw55oIZ5ip1o_rnzJdUDBC1EO35oAeOvB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264657&bpp=16&bdt=288&idt=1957&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=1520386535282&frm=8&ife=1&pv=2&ga_vid=967300268.1661140267&ga_sid=1661140267&ga_hid=1980456621&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068957%2C31069063&oid=2&pvsid=1633590741388991&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9fets24coveq&fsb=1&dtd=1974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 6585 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081801&jk=220821798207521&bg=!IyClIGTNAAYUOm8VNDo7ACkAdvg8WixexnmTXhzHKtW1gxAQ412Kj2W55QoLc06idqvW7oAaQqieMAIAAADlUgAAAAFoAQcKAK3uSWMoo2V3SXYoiFShUVBVvbFFmLlwH5BNRmfUnEoH8cy86KePzPVrbOk-lkooD7-ABClkCmZnLOqraZMnSjaEZCxtY-QhNKRoV0OWQU6Jqh5rXF8XIYUiNK1_4XllftreCbEPA3snKdN25V2ehGIJPDC4UJeTB8xp_LeeYaUMTY-3w6wmKeYYRh0-LOT7JFHVsuTs_HEnevRNgCTZ8V6bGdckdq0Qnio6xHX3bZkCvZddO8nspCbb9SPqy6bXjjMlSq9k7-2tGkYgHHqVjFQ4UTtK1amcdu2hvQ6G7E45gDX3C3A_NrBFQOgTvkJtp8YTlcRWlpahTihi9SYrbpqEvtUcilgoCZfueNrFTKIW9aDniRfF-OUE1mLam7tiW9SXg4bvTriCu-aefYHZNQFKqlx1cKmKTyZ7YfvXH-QyNnkOiIAq2aWNdyursSzcWRykHRZUUB_Zfxj-CxctbNkoY5ZGIunXIaEZ4YEU9H-x8RjeurohruA0o_53_tXD-9nwYkgqY228HJTYi-K6pfreJAzhp2zUWMWJN06_9dQSeTTMowQ1ofOiZVkUZxTixsOpRFHrP2J2R1zXx4CnXBrzi47xZFOm4faPQ4Zpr4JJQIWB7oSIluLlu-9tHHGrUwLp3QAG_MKv4EpuCZ5hNMH4lHjLC8aVYS0GdNN8Fft9JcckqXQi6ygQHWskT5vyAP0hpZJwFlvK0Sk9IDsY8TLLnCakdfQIQqmDLWiLvwJA2Ln3krfqyKsNu17Jow_3lpaJsigeJTfgnwkvCbGnjBKNdeJch5MJYBkazIOxrZbu99z9A_w_x84CK39E9abynGNAjGvio284OjuK1G5qD1o-BjMIgdpI-xvzB7psEPA4EDdVq_VrtteAle-0LHvvqq2LVaRzUEUDRW2-1tKMaXPOp-1vBP9FIqtrGH-LVeB9nw-e11Y8obg1uYNtA8QS-dB6PQouspi-NTDZz_0zzd5L6lM4FY5f-REsRolPSj6fPqAhJXpvv90pJQ1WGQ4SbweK24__zfSNRBq9AoyxyFADFaFdYjL9BdvRnmxUi-ude9vgM3ZrqbhWzVwvanYGn_sHOaEeQH8w0s5LaWGmrica6ihZwUvP0Lb984PuU-hzHFllx-MuFxLuU1WmQBXezriW5JN0GJ6HvtDVq_KC
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ECEA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=3634049988791698&bg=!MTKlMnbNAAYUOm8VNDo7ACkAdvg8WsOJuoP0HBYXYQS1y0jPZKEPpC2_9vUPt7mNr0ECjd_ekePVCgIAAAEhUgAAAAJoAQeZArN2jpa02Vb4KA0KuSzB1cKj_PHiyDnZAGXIcoUKQjcDmSvBtizgE92fqt6Tm7RsGhUOkizt3hQXKCKOCsZQooWvtP-q7AcikQZmYqaMX__svr5HFPkjtOunEo5pQpjH5eMKU8otnVPG4jwX2eqpvjGlIjiaqlWxSky_EM8wFiKvYm6uQgV27eplOouNt8RrmLjt0pOMhOSoZ5KljV6pjJF5y6hpRYx0gph0DgfWse_8Zqo8wspr_DoMcWuDER1LDhtyyxYFx5xF2ijdtftx06g1sg4ji_f4hnxKzThzOBxfIxSZs8TOYeZXTLNtTenUHXFGq-tqUuWD_Q5ffTJTxopKSiyVsutihLNMPTdA2mjZsjPdmwXyYdLqMmTuG3M36Ilf48ekkZ1eOUlBJi2pLeqGlAWhrasEOmYuVbrN56PDSOrGf7rpjAN69QK4U5gkDWcOhJF-3GE3v8qTsO2T3yTIboypMMzdDWPYj4hOzBJ5job_v1wYN3VAOgc06Q_Sy1So0ifjDT1BaIc_ejb_vnayC7tfukqIAe7848oCphVyYJp58i8NbTV-EfNdLAy9N3fHJXkbo65DhS8H8qGSARba-VCtt9yHhLVelpW7ltz7Eb0vnIkjMKFTCBxX6OdvwLzROXbH7_jJdKGrUKcVeT7LtO_Z1oIEr4ZHsfeRFTST-mpNf1chbnp7Z9R0NLQn_GAIP93oAFC2mXTyeWM3JoBztZkIkfVbqZhPVGNGIPpGPXcR_G8DyCDoOAHtT3prYuDsKKcivxFDnN810Jij8_hrpmJhCKqle4kb-lrwn1hbgNLu9_uxQNlF7ZeHgFx1WqPOIgC2zhU55TLwB1pZCj8XHheAJNsPmLomXBuAgDVbZ3J4j_dqjaeMnRQ_Xg9ajB5_791I7NRGO76LrDzKfDWHn-WA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cksync
cs.media.net/ Frame 6239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MTQxODY5NjgzMzQ2OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEM_NreWZm2sdJWHDJIdicpg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 6239
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0a600e4e-96d4-4f57-a4f7-77818b1f684d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usermatch
ssum-sec.casalemedia.com/ Frame 63E2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0473e70c20d0677b5d6a9cb050e7a3c5a0e644a1eec0131379fd96745d9c44

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e8a5ffdfbe5563-SYD
content-encoding
br
content-type
text/html
date
Mon, 22 Aug 2022 03:51:10 GMT
dropped-udsids
230|241|45|39|206|13|3|8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7w6dzXbx6iKAffOiRLfSfMgsnzuZ%2BEdyXUDLPMvF7upKp8nVttdjWq8ucoYHXUn1dWE%2B7z2ivyGKr0q0dlQH5pz6LqFEEfCo2CPtekkawfmu8UMPSZ%2BjWl9sTSTvWodUKdP9Tf3VQGC4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9231 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34742
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 03:51:10 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 13:30:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 3F92 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.229.60 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
814380b01b416e69562ee76a77f41c851fb46c70b1b568af1f38c18e843f06ba

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 22 Aug 2022 03:51:10 GMT
etag
W/"06a9ed93392917d5499e3d45c7b6e14cc"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 6065 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2515 		1012 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
456e932a07f55b74d0fc86f51b6a82a1b5a3b0ddbc707baadf908820977b0617

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
1012
content-type
text/html
date
Mon, 22 Aug 2022 03:51:09 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 759C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6d819eef13cded79f65719b50259da5997709d37bafd06bafdfe66d9e16128

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e8a5ffdfc05563-SYD
content-encoding
br
content-type
text/html
date
Mon, 22 Aug 2022 03:51:10 GMT
dropped-udsids
241|39|230|45|130|17|47|31
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSTAq74lQ%2B%2FP0IPLJmMCPKIBVhlLO9E8LYbToqt0T7ait25YUgoqLGNR4mUhBceVyVVXX4jpXwSOf8W1bacn5ZgdRI%2BSj%2BNzqRkDoyMrAYOjCi8ye%2BauKtyuZO8sw6D4dgtqO1nHY4o%2FqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 13A2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Aug 2022 03:51:10 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 22 Aug 2022 03:51:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 3137
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1YN-
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.174.20.147 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7480UET-18-BG0B&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=743498007902742434
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=743498007902742434
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
abc307dd-8453-450c-8e44-138491b49941
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=743498007902742434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FL7nERZHRGZKQrQKRBGHvI1c
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FL7nERZHRGZKQrQKRBGHvI1c
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FL7nERZHRGZKQrQKRBGHvI1c
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FL7nELZHw7UJ2wN3SvmlBBmc
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FL7nELZHw7UJ2wN3SvmlBBmc
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FL7nELZHw7UJ2wN3SvmlBBmc
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZWFkOGYxOTktNDE1Zi00MThkLTgxZjYtNjE2MTU5ZDBmNDI2IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMlQwMzo1MToxMC45MjgwODVaIn0=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZWFkOGYxOTktNDE1Zi00MThkLTgxZjYtNjE2MTU5ZDBmNDI2IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMlQwMzo1MToxMC45MjgwODVaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZWFkOGYxOTktNDE1Zi00MThkLTgxZjYtNjE2MTU5ZDBmNDI2IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMlQwMzo1MToxMC45MjgwODVaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cksync.php
contextual.media.net/ Frame 3137
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661140269962
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5779072630
  • https://sync.1rx.io/usersync/tradedesk/0a600e4e-96d4-4f57-a4f7-77818b1f684d
  • https://sync.targeting.unrulymedia.com/csync/RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:11 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=r1&refUrl=&vid=11402694373041418686833446000V10&ovsid=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcd9972777d4b4a8bb3ec17693c5fdcac004
content-type
text/html
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1920574144146992952
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1920574144146992952
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1920574144146992952
Date
Mon, 22 Aug 2022 03:51:10 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=e9bf7a9c-6383-4c34-8e35-06c74d088111
0
0
cookie
cm.adform.net/ Frame 3137
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F331%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
  • https://prebid.a-mo.net/cchain/0/331?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=46c0ea8d-ba03-45f8-915d-b7cc978bb0ee&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F331%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D46c0ea8d-ba03-45f8-915d-b7cc97...
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F331%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.6.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F331%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D46c0ea8d-ba03-45f8-915d-b7cc978bb0ee%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Mon, 22 Aug 2022 03:51:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
date
Mon, 22 Aug 2022 03:51:09 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame 3137 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.131.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
no-store
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 3137
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-gODWO7tE2uGcuzdhwMBQKpX.aGXjaycLF0Nn47M-~A
date
Mon, 22 Aug 2022 03:51:09 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 9FEB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a600e4e-96d4-4f57-a4f7-77818b1f684d&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a600e4e-96d4-4f57-a4f7-77818b1f684d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a600e4e-96d4-4f57-a4f7-77818b1f684d&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 9FEB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uG8P7pNeSHPoAVBRo1aCfsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2488849446806238951
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2488849446806238951
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Content-Type
image/gif

Redirect headers

date
Mon, 22 Aug 2022 03:51:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2488849446806238951
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 9FEB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI1YjY1OGMxNzc5ZTJjZTg2ZmZhMDBjMmQwOTk5NjA2ZTFlMzA2NQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI1YjY1OGMxNzc5ZTJjZTg2ZmZhMDBjMmQwOTk5NjA2ZTFlMzA2NQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI1YjY1OGMxNzc5ZTJjZTg2ZmZhMDBjMmQwOTk5NjA2ZTFlMzA2NQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9FEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPHlLEl9nmuyMXqsaXV4hBw&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPHlLEl9nmuyMXqsaXV4hBw&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPHlLEl9nmuyMXqsaXV4hBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FEB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0ODBVRVQtMTgtQkcwQg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9FEB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7480UET-18-BG0B
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7480UET-18-BG0B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7694D974C0CB48719BC9020DD04B8EC1 Ref B: SYD03EDGE1607 Ref C: 2022-08-22T03:51:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmzFvGI4GTcequXV/b3w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7480UET-18-BG0B
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame 9FEB
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 22 Aug 2022 03:51:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9FEB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uBksZwFRT5OON-sauWS4Rw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uBksZwFRT5OON-sauWS4Rw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uBksZwFRT5OON-sauWS4Rw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
HTTP/1.1
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N5532YWAG1C5YQQ51DVH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uBksZwFRT5OON-sauWS4Rw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame ABA9 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ABA9 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ABA9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame ABA9 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5332&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QeyqOKI8kt9BXaXhN4MB0XET2PcGbXmfqUorjVPaRHg4JFb09KGpHsVwoMauA_yzF2IVO46F12KzlpyCrgoA3C4WIldxYJFE0&cme=FtxZVk6KfJfgBZHYirhsyq7XZNIPv5Pn-1iylAbPPdQC9uJGEF6AvhKXa83zSlTU3RpHk0fr4yMO9vVJiem9fg0DQOUhSwDPjLemw3WlZi9-UkvSPSu1fJZOHRbJK2J6z8KkFxJldtWdAcFILPTGqY8mTioc7EGaBEzV7VTvigl8cYI5AvJVVZg0kOe5myHuuun9ON3GURJhxu7T6eECew%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Cxrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C_0CD0nxQ07tnlZ3cUJxd_VHZnMO9DbmSmM4iPjAKDXmdDWxPFrQUbIhnwVUY60nSgwl4efTr5UcQzxxcHfzin0-in7XlpCIPxRvr6PbC678_SxzXxQ2S6QDtUapzxVlg-bADG6sXvWFFjvlylg3oOwp6cAHZ0QnLAmExwEVIzinuOFwb9NHzkSVMmHGpu1RQh7UEkMePrN5dxygzfTc3YqCkeD55OOJ9drjp-HarUR4%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785146&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuOu99&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=48970281&kbc2[]=0%7C1%3D1.18%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.66%7C63%3D0.36%7C66%3D1.07%7C60%3D1.24%7C62%3D0.65%7Cps%3D0.972%7C3%3D0.54%7C4%3D4.67&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=30111142&kbc2[]=0%7C1%3D0.41%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.47%7C63%3D0.36%7C66%3D0.31%7C60%3D0.21%7C62%3D1.67%7Cps%3D0.972%7C3%3D0.12%7C4%3D4.29&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=How+to+Start+an+Online+Business&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=14374179&kbc2[]=1%3D0.48%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.33%7C63%3D0.36%7C66%3D1.28%7C60%3D0.48%7C62%3D0.62%7Cps%3D0.558%7C3%3D0.42%7C4%3D4.65&ktd[]=1126174818435328&ktrkt[]=How+to+Start+an+Online+Business&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=324879789&kbc2[]=1%3D0.52%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.78%7C63%3D0.36%7C66%3D1.07%7C60%3D0.33%7C62%3D0.89%7Cps%3D0.558%7C3%3D0.18%7C4%3D5.00&ktd[]=1126174818435328&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=26322723&kbc2[]=1%3D0.20%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.32%7C63%3D0.36%7C66%3D1.03%7C60%3D0.13%7C62%3D1.10%7Cps%3D0.558%7C3%3D0.10%7C4%3D4.47&ktd[]=1126174818435328&ktrkt[]=Small+Kitchen+Designs&cid=8CUABW64L&vwid=1661140268714200095&vi=1661140268714200095&tdAdd[]=ib%3D0&vsid=3041418696833452&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=781&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=holmesmind.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785146&vgd_nrrv=1219&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1661140268191794084&sttm=1661140269108&upk=1661140269.10654&hvsid=00001661140269108029185683349539&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3041418696833452&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvXff~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9Wfuf9~8xLjMGvF9hXA.AH~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uF~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vW%2CW~J7vuW~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wfuff~e8QMGvuuF.9W~xLjMGv9.9f~xLjM7e8vuWHH~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBHAy0%2Ft8G3iDrBW~G7OvuXhHihXiXHWHuhAfiAFXWhXihHXAHfWFihiFAH9HifXHWWXWuuuXHHiWfAAiufHfuAiuu9FHFFhuAF9H~OfEMjvh9~AENkvu.A~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.if~exLjMGv9.u~QQvIK~x8Bvou~NJv9~LEQMGvuW.9F~exLjMjvX9~%3DVvfhfA~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.fH~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.f~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uX~OYYvw1LYmz5~Qx8Ov%3DK4b4ItWuOMq4bx67%20%20-Jt5owp4~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvOJk1xj7~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.iiFfhFH4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=289&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=1&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001661140269108029185683349539&subBdr=186&bdrid=313&rc=0&rand=1661140269901&acid=b9000a01cb4749d981266d91c9c05480&matm=1661140269902&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2495&vgd_rtime=2487&vgd_etm=12&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2779&vgd_pgid=p11634102580t202208220351&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-dfpz6.SG&vgd_sbSup=1&vgd_nrrs=1219&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fadx.holmesmind.com%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 22 Aug 2022 03:51:10 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=44586
content-length
15
async_usersync
ib.adnxs.com/ Frame 2DF9 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3d368a86-ce51-4725-8168-9bf32ca02b82
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BD63 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BD63 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BD63 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame BD63 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5381&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QeyqOKI8kt9Ab6l_oIaDcMMTd7ked6_EiQMY30fmFvO7wBT37TK3g_oYuWPGJnt1nMD_5jqXTRFY_eWANKrDUL9yCngiZEhSJ&cme=1L330woNXGPMRt1u2aGRo_AXU6rF-DjMmz03Y4A95_ET8657tsn4mYoaxQm6ijfPeWuiq5RphzcyRMf7kbU4f33fG_nMpPfviNRszlwgFSq1IvqpMeKIW-SDm9C95b7j34khmTUSA6xJ5EPv4RL3gM4BSlnZYuXNUwRwjnkbYroKyHYC0XP6qM0CaJaC7a0duG6kRfBPnecVy5CWXFR8vw%3D%3D%7C%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Cxrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og%3D%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7C_0CD0nxQ07tnlZ3cUJxd_VHZnMO9DbmSmM4iPjAKDXmdDWxPFrQUbIhnwVUY60nSgwl4efTr5UcQzxxcHfzin0-in7XlpCIPxRvr6PbC678_SxzXxQ2S6QDtUapzxVlg-bADG6sXvWFFjvlylg3oOwp6cAHZ0QnLAmExwEVIzinuOFwb9NHzkSVMmHGpu1RQh7UEkMePrN5dxygzfTc3YqCkeD55OOJ9drjp-HarUR4%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785147&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=48970281&kbc2[]=0%7C1%3D1.18%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.66%7C63%3D0.36%7C66%3D1.07%7C60%3D1.24%7C62%3D0.65%7Cps%3D0.972%7C3%3D0.54%7C4%3D4.67&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=30111142&kbc2[]=0%7C1%3D0.41%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.47%7C63%3D0.36%7C66%3D0.31%7C60%3D0.21%7C62%3D1.67%7Cps%3D0.972%7C3%3D0.12%7C4%3D4.29&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=How+to+Start+an+Online+Business&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=14374179&kbc2[]=1%3D0.48%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.33%7C63%3D0.36%7C66%3D1.28%7C60%3D0.48%7C62%3D0.62%7Cps%3D0.558%7C3%3D0.42%7C4%3D4.65&ktd[]=1126174818435328&ktrkt[]=How+to+Start+an+Online+Business&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=324879789&kbc2[]=1%3D0.52%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.78%7C63%3D0.36%7C66%3D1.07%7C60%3D0.33%7C62%3D0.89%7Cps%3D0.558%7C3%3D0.18%7C4%3D5.00&ktd[]=1126174818435328&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=26322723&kbc2[]=1%3D0.20%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.42%7C12%3D0.32%7C63%3D0.36%7C66%3D1.03%7C60%3D0.13%7C62%3D1.10%7Cps%3D0.558%7C3%3D0.10%7C4%3D4.47&ktd[]=1126174818435328&ktrkt[]=Small+Kitchen+Designs&cid=8CUABW64L&vwid=1661140268112087943&vi=1661140268112087943&tdAdd[]=ib%3D0&vsid=3041418686833446&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=781&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=holmesmind.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785147&vgd_nrrv=1219&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1661140268176460361&sttm=1661140269351&upk=1661140269.10616&hvsid=00001661140269351029185683342706&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3041418686833446&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvXff~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9Wfuf9~8xLjMGvF9hXA.AH~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uF~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vW%2CW~J7vu9~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wfuff~e8QMGvuuF.9W~xLjMGv9.9f~xLjM7e8vuWHH~QYYMBLvAW.XWif~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9Wfuf9~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBHGNIlF_1QgF_rD~G7OvhX9AXA9ifXuhfFWfFu99FfAWhFfWFFhA9fA9hifHXiXAu9u9uFXHii9iAWAifhHhhWfhAAhhfufWFFXF~OfEMjvh9~AENkvu.A~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.if~myOfEMGv9.if~exLjMGv9.u~QQvIK~x8Bvou~NJv9~LEQMGvuW.9F~exLjMjvX9~%3DVvfhfA~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.fH~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.f~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4sLBcRm_ZrW7-6WzRq7aK9g~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.iiFfhFH4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=289&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=1&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001661140269351029185683342706&subBdr=186&bdrid=313&rc=0&rand=1661140270160&acid=a7200ee529094df29e900f205f80fca8&matm=1661140270160&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2677&vgd_rtime=2668&vgd_etm=13&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2849&vgd_pgid=p11634102580t202208220351&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-9xxtf.SG&vgd_sbSup=1&vgd_nrrs=1219&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fadx.holmesmind.com%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 22 Aug 2022 03:51:10 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=44586
content-length
15
log
hblg.media.net/ Frame 7417 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=Dnj0fD-qtk2KaPKTWwC09Q&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.9962764E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=39.0&adj0=0.0&tmax=300&s_ip=74.125.190.152&adj2=0.0&adj1=0.0&feedback_id=Dnj0fD-qtk2KaPKTWwC09Q&adtypes=0&mx_aabpc=0&reqid=Dnj0fD-qtk2KaPKTWwC09Q&sc=AU-NSW&sd=1&mowxReqId=b9000a01cb4749d981266d91c9c05480_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1661140267089&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-35-19&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=b9000a01cb4749d981266d91c9c05480&actltime=50&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.015&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESENX81d_HESuJtqqxeXy-hWE&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661140867343&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.015&pvdTmax=255&ltime=49.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=17135287233592_794619512_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=53&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-7w7sz&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-22+03%3A51%3A07&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET4f9PS29ohJvoZjSFi0yEIO49FU-FGamXTv8BK1LtnQZKA9OC10REc1AjFKxTxoXSdX&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-dfpz6.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D522~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082120~iurl_b%3D60753.34~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.16~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D8%2C8~et%3D18~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082122~vis_b%3D116.08~url_b%3D0.02~url_tvi%3D1844~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw43gPVXibY9RDw8~btd%3D15749759548417329365875974534286979634049254885811154498233912421391106466713604~d2p_l%3D70~3pcf%3D1.3~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.92~vurl_b%3D0.1~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D18.06~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.24~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.2~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.015%7Edmm%3Dharmony%7Esuid%3DCAESENX81d_HESuJtqqxeXy-hWE%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9962764E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=2041&sf=0&cpr=0.11307256457019643&evttyp=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661140264622&bpp=12&bdt=261&idt=1907&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=4951448239390&frm=8&ife=1&pv=2&ga_vid=2016815944.1661140267&ga_sid=1661140267&ga_hid=2123236735&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760911%2C31064019&oid=2&pvsid=3201935511870513&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.knyrdoppm9ct&fsb=1&dtd=1947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 22 Aug 2022 03:51:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A566 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
fb493b5c435237664fb8719d43c0a020b882900ecfa77d548bbed79ef3f00b15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10976
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8E02 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
11a8bbdc475674e45e5df9320d2dac3cfd2f173373b538fb84ffc5a93623eb7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11044
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 51BF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv12p_ahEM87T2Ka6pOK11Q3bDR_TjjAzMKnnuPRLsbpTK5t7gE8qVrpgRFmKu9Cn5Ohrd5J3vXb6dS3aAu5kU54aVgOzupXvWiljGC-bsJ1sHIXayYEtujAhIRmXLrnyYWnios2SBL7nYVIl1J9TOYof8u0HNpO_-nqCFVQCAYqfJEKlE63i01Jja4o3-sYMqhJN27qiI7MdUdeN0O0vf4uB7M3wVtb7WUXV2mZwn_a4mNE5zzp6Z6ocm3KdPY_oXXylCVD6RZ_XdR1I-d2gfefSM3C9svGTh2UJP3wdFoiqQFMmHL8hICeZzVtyKDEArVe_Ubq8FreW6Ny97TUqbXCqXUBzm5w6stTsqRwTg5bjoKB65fVInkaGR_IIP3ZANJWEo5zKtk5qG7E0ha5SBAK4ZR10zPy70FXJLMMXrdGHXUHlitaFkmiixniwTCP0TYkmpdrRwTACIOGGqyxX10xaZjnck5B8pSEyiYHgtLg_4CFw3370rspFasogXuOenJK9Z4OwHucQRxEt3zqeQJvILF3MybNGI9GRhIwRTcIdxVv-1MB9f2miXqDFZcAZJMbsa54b032QgVWpi3T2y_U__64mQPrkemY3TNAgXb_ysl7qwrxE1zf98pTAJL53gemQEXI7CBUCgbTsL0ZZ16jQIkaN7I2CBOtST7sHR3ybnW0FZjgmzPLEJeSo5crZrFyZ1DQ_SjWbyjXAvOGdMtlnZX3hd0zjPTC_O9XhE2Ge5TNBCj3M5G6zkzi1vA9zz7uP_cLAjboGyvVAgtTIM3YedeDcS0ow5ASo5u9l1K4-EgQ-6PTUsreDasmtWymgEuB9hp4tPhz7J9xGCZKXDpEra5pxmBuVDd7mG3XO1P14PzwnMOwQqn5L2ScFQPT4cixRGdxDigv3vn0Iom-kJS5hI_snH6gewweaNuXzVK8CzvndXmLFQQ3mlUq7a0guCboCssfJFxJNV0mTIIsNgqmbUhUY668Q4gtZSORUZ2kEs7uICGD8yEcoJMeXryv1iMJQ-ZC8Pd16ODsPxeNrmlj3-rA2tad5K_ohSFKiTSwTIm1jXp5h8UeKvwWb7Bbu_BC-bCDRelAVBmIablM8OfWB9K5yEjXFsTi1aZFd8PsohYVUOn9rj9TFAL_mgkVrnekNSLIVxFzRwMglf8BgzZo70rHWC3OJNBJ3HvLD2wXHGtMQWlaYQCPqgmRbxOWoTMMz3nGieckAXR9mQa4pg-91xO5WMlX1XE0Kd_KON3NTbSXajsoot3Lvib0N9jyuw-1x5SBY6-HmsW2z6Mka84npH1PoWftQrIdDYsc1V1-60-EOfOMDqPlcormYH6aOqVI1yQ8tLzsokS4F66mqgwZXt7pXmuHVaDf2lwnpD2xRU4cz5Hbg&sai=AMfl-YR7_K8P0DTpe2-xc61VS_esuyoR6TQo2XDJ9fyLcWA6Onm534QM3dc0zza0INeA0cwaEkvyZsSX1sLY57jW4873zxdmi13_f5xOiw4sDRDcEMo94JuTTWOkbCyiGYlQat6Enm3XDDju-A&sig=Cg0ArKJSzKUds-2slCj2EAE&cid=CAASFeRoWKhFCiT2ooSc0e09VZaYGZpYcw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661140267258&rpt=2057&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=5667&cid=806427578.1661140265&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1661140265&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&dt=%E6%B5%B7%E7%81%98%E9%A9%9A%E8%A6%8B%E3%80%8C%E5%8D%8A%E8%A3%B8%E7%84%A1%E9%A0%AD%E5%A5%B3%E5%B1%8D%E3%80%8D%E8%A1%9D%E4%B8%8A%E5%B2%B8%EF%BC%81%E9%81%8A%E5%AE%A2%E5%9A%87%E5%A3%9E%E5%A0%B1%E8%AD%A6%E3%80%80%E7%9C%9F%E7%9B%B8%E8%B6%85%E5%AE%B3%E7%BE%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 63E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a604bd22a973-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT7thUF1mF4LGvCPUGIFNh8GW%2Bh9E40R%2F2oMjDs%2B4IOKTwfSHRQtN8W4eOhEA6u0%2BmKL1ybSBoo7h0O0OPN%2B4EeZ2HzZlea8kLORzqLo%2FyJDT1kICZIfdmu8peReE0HO3ZAe3Asq40CMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 63E2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AP2EFNRDSZQ4QPS3CCJ7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C8EQZD8TK68PFH3KPJPG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 63E2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwL9Lfw24S4I4MKePM2kEQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a607ead7a97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU%2F8xUL6FX%2FLRX%2BqK06n4j5iw4Vx%2FRT%2Behxhy%2BBEcSzYtU%2B%2Bglrn828jts5tcRtbuji%2FRE4t9VNaImZzrnG8mhQ85bGFWrcL4bsHG3BjtArUXsJc%2BDMFUnE7ZuSBB4UapAn%2B8i8CJEXX7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 63E2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
43 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a6043c19a87c-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFUzUyCiGTGN8uFylJZ%2BBQ%2BJ%2Bf%2BoamRqyN9rOzeyUWIWIs%2BNOPtp4BCCVvIlhkYNUV10CsX5WgAoFtC%2FZgiMCin5C3buCx2KeyZZeyFE8hz4oK%2BPtt4ClCJU8V7RCW35NUbvYZ4GjB1NaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 63E2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.77.77.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
date
Mon, 22 Aug 2022 03:51:10 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 63E2
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080b22040766854161166544&expiration=[EXPIRATION]
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080b22040766854161166544&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a60a7dd3a97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jUxscM878Qn4pKsVCNb7jxBUZrZkLJkbCv9xABLUsiUxnPAMeTM%2FddISa9ec41n6A3teSl%2B7shcC%2FciqTPGByvxs0pc2NmTMh6UWSYpuWM8gyjIY9SlHlx9dH3Ignk9x7jFpHc0akw%2BoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=080b22040766854161166544&expiration=[EXPIRATION]
date
Mon, 22 Aug 2022 03:51:11 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
crum
dsum-sec.casalemedia.com/ Frame 63E2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a526302-fd2e-4a00-91d4-f8a0faba426f
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a526302-fd2e-4a00-91d4-f8a0faba426f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a6048c7da87c-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZiMpPBlJ5%2BflhUSQvv8%2Fs5mT2IljgaoS%2F9d0947ufORLP7WYzIsCoS%2Bn0r8mWhqWcFR1eg8MYOMVSpeHuESBnY%2FD%2FjyAI8%2F3Ifz%2Bll8zWIM8fzjMCBQ1bRst6zHNZ5iQjqeN9BfpPJgdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a526302-fd2e-4a00-91d4-f8a0faba426f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Aug 2022 03:51:09 GMT
crum
dsum-sec.casalemedia.com/ Frame 63E2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8d87488b-238f-4cef-91af-47e27e7ece1a&expiration=1692676271
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8d87488b-238f-4cef-91af-47e27e7ece1a&expiration=1692676271
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a608bbb1a97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zR7XT0vLmlGH40fKxh48rWX4gif0dwAzCmctYYCLGak3%2BqQxZ9hOl9LPT8v5%2Bb52o5fGN4PqmbFUTqjxDlvvIrYSkL706WckPQcTKW%2BAmefRuIggbmJR%2FwxNRkq1T7UZcWRCAZdLy%2BQUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8d87488b-238f-4cef-91af-47e27e7ece1a&expiration=1692676271
date
Mon, 22 Aug 2022 03:51:11 GMT
server
Kestrel
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 63E2 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwL9Lfw24S4I4MKePM2kEQAA%26261
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
HIT
age
220
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73e8a6044de95557-SYD
expires
Mon, 22 Aug 2022 07:51:10 GMT
sync
ads.servenobid.com/ Frame 2515 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4760478439128917803&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bsync
visitor.omnitagjs.com/visitor/ Frame 2515 		0
0
v1
match.sharethrough.com/sync/ Frame 2515
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6816134479454627646&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6816134479454627646&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
18.136.32.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6816134479454627646&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 2515
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=15783f8e5de7c519122148bf1c3d0f966862c442&gdpr=0&gdpr_consent=
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=15783f8e5de7c519122148bf1c3d0f966862c442&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=15783f8e5de7c519122148bf1c3d0f966862c442&gdpr=0&gdpr_consent=
Date
Mon, 22 Aug 2022 03:51:11 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
pixel
cm.g.doubleclick.net/ Frame 2515
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjgxNjEzNDQ3OTQ1NDYyNzY0Ng==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
dcm
s.amazon-adsystem.com/ Frame 759C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4TR561QQE9NSQWBM61FE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
D5H4B8NHZ6HW975SFJJ8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a6043c18a87c-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXDpIzaca1B1sH0nZQ5z%2FEfk2M2KpuG2tMmhX9XWwH5I7Xt5nzPMk2UeVPC3DWmQD4jM2IJcYhqsK%2FWBS3804Kstc32vHYzLlPAdEgtB8Mhl%2BLJqAGF0UX2H6eufTZNeVfhaECHCmsoBYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a600e4e-96d4-4f57-a4f7-77818b1f684d&expiration=1663732270&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
43 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a604bd1fa973-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxDc6DFCwVO76JI3DNk1XpPlstkBnj2DdM0Xxx96FYjPtrenltvagVjh5JkuANWm6i6ad5t0eezew9XaSJTAuQRURzzqbJeo%2BYNhAsslr2apErfKcVFvOwDJB07w90HxlrEBnr9CwEs7zA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2EztTdRhhc8-urxPELj7M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwL9Lfw24S4I4MKePM2kEQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
43 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a607ead4a97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WEtUXu1rwhnZp1gW77SFRtSNll4aPmIG1lZaRW5PJUrMTwZtw7mq4W3%2Fk5azE97zVWMYbJh%2BM63XCPcdu%2Bk2GdFoTA9RQWPf06k4HsAT4wAMSyC%2FgPCaj5Y7zN7uzy4lubQ0OhJe%2Bb%2F3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjKvqW4fa0RHtr6OewWbOE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD5Fk7GBfoAABASpwHsrw&expiration=1662349871
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD5Fk7GBfoAABASpwHsrw&expiration=1662349871
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a60b7f3ea97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpwvykHFRmYfNDlHNfGZvhUW6j5s7i7k%2BnvbraQsojpW8tdg5NjY5P%2B044fbJzh6bZlSmCMG1qTC7siwMquMeEYUaFN0xubmDAB4nST0MqHutXKyDHhS8fK6jxYf3HSMdnSd7JkGFqQYsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD5Fk7GBfoAABASpwHsrw&expiration=1662349871
Date
Mon, 22 Aug 2022 03:51:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=RUDPqykgPqPudohFazgS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2USVIRIHC...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=RUDPqykgPqPudohFazgS
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=RUDPqykgPqPudohFazgS
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a60a2d7ba97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JGnCrwqVNCsIRc7fuTzCQjJEinILo%2BdI0mDvBdM%2FP0x6rB1PHlVkMyLTZHYcRgPhBNEv%2Fs4m95bv9NJI6%2Bq%2FVHIUyWCCJ81MOsredlHjg7DfOMyIadstp2X45RbdZ6%2FHT5AUJ%2Fp4MddEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=RUDPqykgPqPudohFazgS
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xraEYFtU1OpYt05
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xraEYFtU1OpYt05
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a6043c1aa87c-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STvpJ4M62C21STckDTm2EGR%2FR8ZXMFnbOGpUEkuaYcPryX6r2mtHzsZmt6BzpkL11ylfaf28YZz6gjup%2BzZfwDWvbEubmWrdcS2tUSkwCKLAsXCBGbm5NyDENBwlfRVW%2B72wHtWjmFLIEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:10 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-01afc7b9ae03f914c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xraEYFtU1OpYt05
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 759C
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7144266711334741122&uid=Q7144266711334741122&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7144266711334741122
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7144266711334741122
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e8a609cd05a97a-SYD
pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cETQ67pzA%2FZ6v8Yc%2B8wl8RI%2F8wBjiW6UVk6xIsTaUJZyvzfjBoHj1y%2FOtryXUrMvqlyCrUwOqYKr18ezEqRgWlpTjiQJsgZPp%2FaqQzeSm6QDkskdR%2FEKMICFRHt48hHLYBDA2vb4ji21eA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 22 Aug 2022 03:51:11 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7144266711334741122
Cache-Control
max-age=33895
Connection
keep-alive
Content-Type
text/html
Content-Length
154
sync
ads.servenobid.com/ Frame 759C 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YwL9Lfw24S4I4MKePM2kEQAAAQUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A566 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B531 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvU2uAWhW-h3nzvJpHd73uKnJu6nbNaM_2ArUr4AszrHNi7uLRE3HCA5-RB88gsWBQJlXfbrsEy4Iv1fTs1qSofNHhxl6P5SogVLGkxSKEhSkCg7oR4NnTaax4XkK4twXhwGFFvBbTJ40cjuZIAn6833wpWTZsnOEKEfDj8Krqo-DpZfp8PTG-MBOYmtdng8T_aa_ecZrSCWq2z3LF7ORHklabFfroZKj4gxLk1PXZPDD961y15A_Id67w4PMDakoU8dqlj45jCmVjjhEOAnq_0pzeDVuklgrLP3x_L6hiK7pw9GZ1ZGV9VLutpvnZ0EVEdX6Sn1HwzViPjApt6Z8rTn_CnCQXsvy3nYhe6GSAkK5pdEcCKcjKWACNuDkG7iINiws5eeq9TTo2RFAElxmjg2Nzh7HB6mjzPTxhhX3M_9TjG_RjoL0HUbBC8oi9c8DoCKnLc8GRlP7I8he11VUMgNaUJDyOKIiAOsOE35wtChAKenLONxIBE3angk0yQBVI4I8I6DwBEMrc2Nkrs6ee0dBwW80GIC6agDx9AT61Pl3UfQu_cFquPUDio3sgGT5Wz1QOutTfFpHJGOv4mJ9dl4Tz0mAGAF8MW3AXDq-CtFWf4l4XujCZvFLk48dS8IUvAMZ4oLnaBhVvCSAgJiee6ZiMr0JxkBd25C7kk_HfhQGhKVMupN2Je46kiSnAbkWxL3zoTKFBUVm6qPVKWhLiMKGhp9tg-5MifbZUldbrgo54oK2O1Fq_LN7YJkTMgDeZCjc25NN0YK2qdJOmvIpB1q811lcxj8BRs3UaPt1S1_ne5PD5qrmr0FX4QoDtKYVm0RxLWp-84euSpM2TTqAWScMbAtwLOs1NIV2adt9_yyc13PgBkf8Y17V4zFBgctB4hl77lIpY3M6Ca-qXle2MBUFWvg4gyKiX-LJFvd8bIW_dKs9mLDmrY3MO-w35ID0N_zbI0Fi1gC3TUOz6LmWQkcl9t0ZjnCHoRFneOFSRk0c_e14Lyg48AlJNW4xUhKITWfu3Rlke7BrPJskM3P_V9iKXOGedYu9Oiq7vp-DMyymVu5QFeh63_de_4CUh5j4eS3xco8-3fd0oR20biMxlWxlZxc9STVtQmg1kU1-YDzHwlpeVadr3CIsngCOXaXP_4M4B6CLs_zpfUg7G5RHhPbReRgQGxSG-Nw-tuBu4Po1mpGQw7fwDkAKlRP2ZjK3oA7QK2ImwFZ1csOahPhX-4so2Ih84pGkp9T04LJwAphCWRU-4tyPnKnz422ybV2SgoDDGlH5wv6D1soHR1aBIa_D7VwuNfTOywtKT0jkgNq_RKKsMxxnbTHYSGIL7aYzlCuYvR09S4E-NGwxGNyvmllp9Iv1l_uzH33PlkTXw551UTeQ&sai=AMfl-YTAfueCq0HSdoUOu1RNuEfXhyIjsLhBn_3jyt9qZ63ZvWRY3oBCliis9k0kwE2B8_TU_g5erUIkKKT8nJxsTm4vLfEfY6G6LdTtesV1Uk1yVQNEWye1wCFg9Ua58IAFBq2tO0ePZCLLHw&sig=Cg0ArKJSzHPYoA3Yvt_JEAE&cid=CAASFeRouvBtSyp1Vr6Uc2ScY8DGs6mRuQ&id=lidar2&mcvt=1012&p=60,450,310,750&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661140267251&rpt=2219&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7427 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14395946&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dd34b01af2607765874170f05d9d113f9b94b74aaaba7239860d9ecb27b86f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 050B 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
549fd811355173a6e1ecf68fca56fe912d8f0dab62b48c3a5d9b56314d380964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10992
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A822 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
eb8f239a09acfe37716affe5cde3b63e852c0fb33f34b88551c7278afa168227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11046
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8E02 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:10 GMT
csi
csi.gstatic.com/ Frame B531 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l7480yjw&c=7259849927365&slotId=3629924963682.5&qqid=CIKH-tvF2fkCFQKASwUd_MgODA&dm=15069&event_name=first_play&asset_bytes=78690&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=2&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l7480z3n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7370b68e0b418395bf4335bf6e1f209.js?tag=video_location/web_och
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.219.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gru14s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6768 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:35:02 GMT
expires
Sun, 20 Aug 2023 11:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DD82 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
58f2621b2d0befb7ec2e5a958cfb2c9699ee0860b281307f900f237bdb36ce5b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--u-tlI_m01dgFVzgkVMjWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce--u-tlI_m01dgFVzgkVMjWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:10 GMT
expires
Mon, 22 Aug 2022 03:51:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 13A2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48393
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Mon, 22 Aug 2022 17:17:43 GMT
usync.js
eus.rubiconproject.com/ Frame 3BD5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48393
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Mon, 22 Aug 2022 17:17:43 GMT
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=743498007902742434
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=743498007902742434
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
45e5bebe-3f89-4bef-946c-4a8c97dc44ef
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=743498007902742434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 3F92 		0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_2d3898a6-7c5c-45a6-bb68-d36168392ad2&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
p-cxanv6hYFn1kw.gif
cms.quantserve.com/pixel/ Frame 3F92
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28oXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_2d3898a6-7c5c-45a6-bb68-d36168392ad2&obuid=ENC(oXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DoXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt
0
0
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b17d62dd-5311-4590-94f5-aeb2ba74a838
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b17d62dd-5311-4590-94f5-aeb2ba74a838
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 22 Aug 2022 03:51:10 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=b17d62dd-5311-4590-94f5-aeb2ba74a838
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f5dd8de1-fc33-4d32-49ef-4d59fe7fc6b7$ip$173.245.209.142
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f5dd8de1-fc33-4d32-49ef-4d59fe7fc6b7$ip$173.245.209.142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f5dd8de1-fc33-4d32-49ef-4d59fe7fc6b7$ip$173.245.209.142
Date
Mon, 22 Aug 2022 03:51:11 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-OxUwPMhE2pe0ZPcpr6JqOmppNkLHqP0xDiUt~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-OxUwPMhE2pe0ZPcpr6JqOmppNkLHqP0xDiUt~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 22 Aug 2022 03:51:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-OxUwPMhE2pe0ZPcpr6JqOmppNkLHqP0xDiUt~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=eb17feaf-c124-44c4-9a97-3572bdcc5d63
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=eb17feaf-c124-44c4-9a97-3572bdcc5d63
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=eb17feaf-c124-44c4-9a97-3572bdcc5d63
Date
Mon, 22 Aug 2022 03:51:11 GMT
X-CI-RTID
ca18c6e7-f6c0-47d1-b34d-5c2117418592
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 3F92 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.174.27 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
914785464
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 3F92 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_2d3898a6-7c5c-45a6-bb68-d36168392ad2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=RUDPqykgPqPudohFazgS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USVIRIHC6LLM5IHCUDVMRXWQRTBPJTVG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RUDPqykgPqPudohFazgS&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RUDPqykgPqPudohFazgS&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:11 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RUDPqykgPqPudohFazgS&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=aa77fb1f-820b-49ef-bd60-dafebd8e21f9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=aa77fb1f-820b-49ef-bd60-dafebd8e21f9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=aa77fb1f-820b-49ef-bd60-dafebd8e21f9
date
Mon, 22 Aug 2022 03:51:11 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
x.bidswitch.net/ Frame 3F92
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004&rndcb=3276895532
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b757c3aa-bc9c-4905-b1e8-3e6e1215d4dc&expires=1&user_group=5&ssp=adconductor&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378
0
0
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=eTo29C6La86X&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=eTo29C6La86X&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=eTo29C6La86X&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d98db7788-rnm6x
expires
-1
usersync
usersync.gumgum.com/ Frame 3F92
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6816134479454627646
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6816134479454627646
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6816134479454627646
date
Mon, 22 Aug 2022 03:51:10 GMT
content-length
0
sync
ads.servenobid.com/ Frame 3F92 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_2d3898a6-7c5c-45a6-bb68-d36168392ad2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 3091
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=ade56302-fd2e-4900-81b6-9408a7a8b32f&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=ade56302-fd2e-4900-81b6-9408a7a8b32f&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:10 GMT
Expires
Mon, 22 Aug 2022 03:51:09 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master hkg-pixel-x5 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=ade56302-fd2e-4900-81b6-9408a7a8b32f&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 7072
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 22 Aug 2022 03:51:10 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10148-SYD
x-timer
S1661140271.783117,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame DF1E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yZDM4OThhNi03YzVjLTQ1YTYtYmI2OC1kMzYxNjgzOTJhZDI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F944 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=34742
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 22 Aug 2022 03:51:10 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 13:30:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C4C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0a600e4e-96d4-4f57-a4f7-77818b1f684d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0a600e4e-96d4-4f57-a4f7-77818b1f684d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 22 Aug 2022 03:51:10 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0a600e4e-96d4-4f57-a4f7-77818b1f684d
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame EDC2 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.112.134 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 22 Aug 2022 03:51:10 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 4D88
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YwL9LcCo5uYAAO49YTQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YwL9LcCo5uYAAO49YTQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 22 Aug 2022 03:51:10 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YwL9LcCo5uYAAO49YTQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
6
X-SO-Cluster-ID
7
X-SO-HostName
a-ad40145.dc2p.scaleout.jp
X-SO-IP
173.245.209.142
X-SO-Key
YwL9LcCo5uYAAO49YTQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":7,"gdpr":false,"ipv4":"173.245.209.142","key":"YwL9LcCo5uYAAO49YTQAAAAA","privacy_sensitive":false,"uid":"YwL9LcCo5uYAAO49YTQAAAAA","upstream_id":"a-ad40145"}
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-UID
YwL9LcCo5uYAAO49YTQAAAAA
X-SO-Upstream-ID
a-ad40145
usersync
usersync.gumgum.com/ Frame 1CE7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YwL9Lfw24S4I4MKePM2kEQAA%26261
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YwL9Lfw24S4I4MKePM2kEQAA%26261
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e8a604bd24a973-SYD
content-length
0
date
Mon, 22 Aug 2022 03:51:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YwL9Lfw24S4I4MKePM2kEQAA%26261
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp9dl0cnITTRe0U2%2FbHkEdulDopqps6pb7FU3ayQuU3lkyK5k4ffBvzJt1lLbxv2pXzD0mEG4TD1Py26dw9s2XYC%2FDtb%2B1elCDiUVHicKIKtHgddzV3eL0WWw4pIO51EnHFsb9K1f%2FErTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C0C2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=Iex7cTtV60KFF24oASJt&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Iex7cTtV60KFF24oASJt&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 22 Aug 2022 03:51:12 GMT Mon, 22 Aug 2022 03:51:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Iex7cTtV60KFF24oASJt&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 66B4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Aug 2022 03:51:11 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 22 Aug 2022 03:51:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FBA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:35:02 GMT
expires
Sun, 20 Aug 2023 11:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C4EF 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
85eebf29ba90a6d0cab377dc70e5ac6113a378397be48ad4ef0ccb3b7eeffdb6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-emG_vxrLg50CTZWKJQWtQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-emG_vxrLg50CTZWKJQWtQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:10 GMT
expires
Mon, 22 Aug 2022 03:51:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 050B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A822 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 03:51:11 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 6768 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DD82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=1633590741388991&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bqi.php
lg3.media.net/ Frame 7417 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3007&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=FtxZVk6KfJfgBZHYirhsyq7XZNIPv5Pn-1iylAbPPdQC9uJGEF6AvhKXa83zSlTU3RpHk0fr4yMO9vVJiem9fg0DQOUhSwDPjLemw3WlZi9-UkvSPSu1fJZOHRbJK2J6z8KkFxJldtWdAcFILPTGqY8mTioc7EGaBEzV7VTvigl8cYI5AvJVVZg0kOe5myHuuun9ON3GURJhxu7T6eECew==||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo=|xrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|_0CD0nxQ07tnlZ3cUJxd_VHZnMO9DbmSmM4iPjAKDXmdDWxPFrQUbIhnwVUY60nSgwl4efTr5UcQzxxcHfzin0-in7XlpCIPxRvr6PbC678_SxzXxQ2S6QDtUapzxVlg-bADG6sXvWFFjvlylg3oOwp6cAHZ0QnLAmExwEVIzinuOFwb9NHzkSVMmHGpu1RQh7UEkMePrN5dxygzfTc3YqCkeD55OOJ9drjp-HarUR4=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Fwww.bg3.co&vi=1661140268714200095&ugd=4&cc=AU&sc=NSW&bdrid=313&subBdr=186&vgd_kwrf=https%3A%2F%2Fadx.holmesmind.com&startTime=1661140269099&l2type=sca&vgd_l1rakh=1661140268191794084&l1ch=1&cref=https%3A%2F%2Fadx.holmesmind.com%2F&sttm=1661140269108&upk=1661140269.10654&hvsid=00001661140269108029185683349539&acid=b9000a01cb4749d981266d91c9c05480&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D522~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082120~iurl_b%3D60753.34~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.16~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D8%2C8~et%3D18~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082122~vis_b%3D116.08~url_b%3D0.02~url_tvi%3D1844~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw43gPVXibY9RDw8~btd%3D15749759548417329365875974534286979634049254885811154498233912421391106466713604~d2p_l%3D70~3pcf%3D1.3~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.92~vurl_b%3D0.1~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D18.06~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.24~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.2~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.015%7Edmm%3Dharmony%7Esuid%3DCAESENX81d_HESuJtqqxeXy-hWE%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9962764E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=NSW&infr=1&twna=1&stime=1661140267428&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!A12|5535&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=1&vgd_pgid=p11634102580t202208220351&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=41006
content-length
15
sodar
pagead2.googlesyndication.com/pagead/ Frame C4EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=2744689635591038&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame 13A2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L7480UET-18-BG0B
  • https://ads.servenobid.com/sync?pid=323&uid=L7480UET-18-BG0B
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L7480UET-18-BG0B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L7480UET-18-BG0B
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 6FBA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
cksync.php
contextual.media.net/ Frame 3BD5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L7480UET-18-BG0B
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7480UET-18-BG0B
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7480UET-18-BG0B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 22 Aug 2022 03:51:11 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7480UET-18-BG0B
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
match
c1.adform.net/serving/cookie/ Frame 30F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3777101F-7765-4B0C-8FB5-1C30678B2C23
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3777101F-7765-4B0C-8FB5-1C30678B2C23
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 665A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a526302-fd2e-4a00-91d4-f8a0faba426f&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame BCE4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwL9LQAINHkEXAAK&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame D6E1 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:12 GMT
Pragma
no-cache
Server
nginx
expires
-1
ImgSync
image8.pubmatic.com/AdServer/ Frame F590
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 3AD2
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wrmnmnrturg
1 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wrmnmnrturg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wrmnmnrturg
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 4CDB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:xraEYFtU1OpYt05&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
pool.admedo.com/ul_cb/ Frame BC0C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-cd997277-7d4b-4a8b-b3ec-17693c5fdcac-004&rndcb=1709143089
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378
0
0
pxd
dps.jp.cinarra.com/ Frame 7468 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3777101F-7765-4B0C-8FB5-1C30678B2C23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.41.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Mon, 22 Aug 2022 03:51:12 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 393D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a9a93a8a-21cd-11ed-82d0-b1eae87d11f8
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 22 Aug 2022 03:51:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 22 Aug 2022 03:51:12 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame F31B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hve6EEXJAXGMeVhlLf0CYw
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hve6EEXJAXGMeVhlLf0CYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hve6EEXJAXGMeVhlLf0CYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 0D15
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=0be0ff3769714862a980c188680193a4
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=0be0ff3769714862a980c188680193a4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 22 Aug 2022 03:51:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=0be0ff3769714862a980c188680193a4
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame A8E4
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 Aug 2022 03:51:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73e8a60848bba7f6-SYD
content-length
0
date
Mon, 22 Aug 2022 03:51:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
cookiesync
core.iprom.net/ Frame DFC0 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Aug 2022 03:51:12 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-8dfbb086dc9b@version_1.522v2
X-core-time
0ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame CC41 		43 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
73e8a607abb5a979-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 22 Aug 2022 03:51:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
141
match.deepintent.com/usersync/ Frame 5976 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Mon, 22 Aug 2022 03:51:11 GMT
server
c
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 25AA
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c304ba6-8c28-432b-abad-94d31487054c-tuct9fc82af&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c304ba6-8c28-432b-abad-94d31487054c-tuct9fc82af&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 22 Aug 2022 03:51:11 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10162-SYD
x-timer
S1661140272.615951,VS0,VE129

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 22 Aug 2022 03:51:11 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c304ba6-8c28-432b-abad-94d31487054c-tuct9fc82af&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10162-SYD
x-timer
S1661140271.407840,VS0,VE103
x-vcl-time-ms
103
ImgSync
image8.pubmatic.com/AdServer/ Frame 02E4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E021DABD8BD74A878C3186B77A86F3C2
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 22 Aug 2022 03:51:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 22 Aug 2022 03:51:12 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cksync.php
contextual.media.net/ Frame 4BD9 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3041418686833446000V10&type=pba&refUrl=&vid=11402694373041418686833446000V10&ovsid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Mon, 22 Aug 2022 03:51:11 GMT
expires
Mon, 22 Aug 2022 03:51:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7427
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N3cQH3dlSwyPtRwwZ4ssIw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34741
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 22 Aug 2022 13:30:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rcs
tags.rd.linksynergy.com/ Frame 7427
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3777101F-7765-4B0C-8FB5-1C30678B2C23
  • https://pippio.com/api/sync?pid=5324&it=1&iv=40264f97c37ade9d1f33f3a2ab11413d862159bef9941fff3329a811be860412791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MDI2NGY5N2MzN2FkZTlkMWYzM2YzYTJhYjExNDEzZDg2MjE1OWJlZjk5NDFmZmYzMzI5YTgxMWJlODYwNDEyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MDI2NGY5N2MzN2FkZTlkMWYzM2YzYTJhYjExNDEzZDg2MjE1OWJlZjk5NDFmZmYzMzI5YTgxMWJlODYwNDEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIr_qLmAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3a526302-fd2e-4a00-91d4-f8a0faba426f
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3a526302-fd2e-4a00-91d4-f8a0faba426f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 22 Aug 2022 03:51:11 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3a526302-fd2e-4a00-91d4-f8a0faba426f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Aug 2022 03:51:10 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFzOAfCxAAJIjRJGUjbrhfc&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:42C8EC6DBB384582B75D15A1CBB036AC
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:50:46 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
3777101F-7765-4B0C-8FB5-1C30678B2C23
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7427 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3777101F-7765-4B0C-8FB5-1C30678B2C23?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.77.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0a600e4e-96d4-4f57-a4f7-77818b1f684d
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=743498007902742434&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uimxgup-s4ihK7LV6Cmshb4i4NahL-OGui9O7oK_
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=433&user_id=1g65rrddzq5d&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
1 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff6545ae-426f-4d00-9b6d-b32eae13e378&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3777101F-7765-4B0C-8FB5-1C30678B2C23&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n6XWatVE2uXsU7pMvLzk.ExuhEi2ruM-~A&gdpr=0&gdpr_consent=
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n6XWatVE2uXsU7pMvLzk.ExuhEi2ruM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n6XWatVE2uXsU7pMvLzk.ExuhEi2ruM-~A&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:11 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 7427
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3197216183288605362&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=64342b9d91932045&is_secure=true&networkId=17100&version=1&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALduuhvPwOcwNuC_AAAAAAAAA&expiration=1661226671&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALduuhvPwOcwNuC_AAAAAAAAA&expiration=1661226671&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALduuhvPwOcwNuC_AAAAAAAAA&expiration=1661226671&nuid=3777101F-7765-4B0C-8FB5-1C30678B2C23&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=743498007902742434
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:12 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 22 Aug 2022 03:51:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
d1ba4609
rtb.gumgum.com/getuid/ Frame 7427 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3041418686833446000V10%26type%3Dpba%26refUrl%3D%26vid%3D11402694373041418686833446000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
generate_204
tpc.googlesyndication.com/ Frame 6768 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nQfJiw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD06 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:35:02 GMT
expires
Sun, 20 Aug 2023 11:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 10EE 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
6bf85f1310ec2e19b5342b3dbb469344d3e5f0b6919cec977bd14820feaa8a03
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LjrkJI61i9e5V1WwRRJv_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-LjrkJI61i9e5V1WwRRJv_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:11 GMT
expires
Mon, 22 Aug 2022 03:51:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA9B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:35:02 GMT
expires
Sun, 20 Aug 2023 11:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 316E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
68d7603936287ec5483156f16773b1fe571e360b3450a03a5cfdd9a46e303565
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qfo61VEcyWn71PhGb9cM6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qfo61VEcyWn71PhGb9cM6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 03:51:11 GMT
expires
Mon, 22 Aug 2022 03:51:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 6FBA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rO3NaQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.js
eus.rubiconproject.com/ Frame 66B4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 03:51:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48392
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Mon, 22 Aug 2022 17:17:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7417 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswZBja-tilUM1f3JuKKLYvG0EvIz1LvdQR9KmJAj_V3yp0wHNwrXAY0AjA28msRs4tFjJINd_o2RWGFXyWcw4JCFQ8&sig=Cg0ArKJSzHHf2jluxnfWEAE&cid=CAASFeRoQ4ZFT7zH6cw81shyslbi66j-ag&id=lidar2&mcvt=1013&p=0,0,254,250&mtos=0,1013,1013,1013,1013&tos=0,1013,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661140267382&rpt=3116&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Aug 2022 03:51:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 10EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=3201935511870513&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame AD06 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 316E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=1369396865685979&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame FA9B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
459678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:09:53 GMT
usersync
usersync.gumgum.com/ Frame 66B4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L7480UET-18-BG0B
  • https://usersync.gumgum.com/usersync?b=mag&i=L7480UET-18-BG0B
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L7480UET-18-BG0B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Aug 2022 03:51:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L7480UET-18-BG0B
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
generate_204
tpc.googlesyndication.com/ Frame AD06 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?x5SJzg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame FA9B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Kf3Ncw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 03:51:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A566 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=1633590741388991&bg=!_v2l_bnNAAYUOm8VNDo7ACkAdvg8WkuD6k-ymdPBUkvtwtuhsFFi7idM6i4wmUQGyyoIQyIpdO-ZBwIAAADcUgAAAAJoAQcKAKBIeHKWMf2lFboSirralinnr3XqupvcEP1dj993LjcG4myvtSdgdG81v4stofmdY7fWBvKM5vOH7HmBflvj-C-_Q7juw443e0a7YQ1Ekin6fch6GO2f_Pkv49ADdyDz6pUYzKQil-xkhBDUBmr4sxEJ2Z1IV0L6ep2kn9LSZe9Y5zx9kiEy3WUUQglkWdq5BxboXR57XHFpgjnkyoUz175vmQLT_Htihs54kFZJJZB-96ZYfDkNQptUe3rGhwFHoi43V6eOLOmxIysr9XMQkCdaeSATbqPJUk2oTbR6WNzXleS86q2l4Px7A8EerwMOlWahZIV5-fc4vAHgbT4DPZKf5ZuBlMBTNIK_0klOZ4LzoOdpVqjkuPNmMQ5KTf7e86rQnP2To77p8HIMtUazxS7yrn7IRpikzqgtSFpG4foWqzBcJOcaj1BuQLjGN5yzwBfixHItdOLUp1kWtNMXOTdzSAMnexd08x6yz9AbH96T-eNHKSTElmJzkpCiaLhVcrnE17nE89HR_ujdpwBxKbWql8aLu8Ec2Yvb-oWS5jaascql2j6Fwr46UQ44EFH7gQb9U1TCFTwwna6wP77Yl_bGY8vRcsvvFwjtfDbJwYpDvumeR1inH4tH-2hXgP0Vcd5iMRx4ZqOuBBaUVDOMGdjiyXVAo5T7-KKM1-e6wdY6T3X9--4gZv-i93aSWMegj3XhhYLEteCglW0IdnxeWjqINI5N5dSKgDNo4iAQgOLwpM2Xy1qFblgTCtouUOYroyerw1eA9wGOB-gEafCL9EDfp4cIKl0j9_MrZJqRV3Gr3AsOdob3RjoXy30U6SqPWRmWRwIpdgB2MLkl-zPFNi7SzvCNnUvOySBp_7cl3JIzlLQOTDVWdod_T5kuBGqkV6khfDahv2Ch6ViYINAX1q4MxKy2KVtLsqil0gJ8bp9WgAbOnM1f8hWmsL4sm6iOLM8WDyjH2xZTjKUwiGeFBb2obfAtJ0vsJ5hVGqCDuVe8t9pAZvQ4lVv2KKhsJkZxnOZbVX5zBcxi_B1g9xqeTFDYBLFs7ApaNDugJEVyaXqF9ICmIy0VMsaFBa1kkbIxrqInB4oIcmUROal7vBnBxU_cLknhcZPPbRL8syZlv4nEfdFQWduFhw7LApHqWNLC2pPzWSgXIE5MNLY_8iR14pKqWcesQTRm
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8E02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=2744689635591038&bg=!FhWlFVHNAAYUOm8VNDo7ACkAdvg8WnCX_L4r0-QJCrv-TzcWxrs3xsp1PrmaUOt-SMOF0_2t9KcFPgIAAACsUgAAAAFoAQeZArHNkNxxn6Z-5x6dS8B7SxQCRZ1U_dx0YBMEiyWhnf0pks9phUMwGa0u1BQJ0JXbz2onUBq-cnowVdO4IrqLLaU2NnyXkQLBM4IUFl0K7dqyd5cgdausGehpEIzANXyRvVEiU_X24MepFJLqpRGnz0eNK54id9EW2PRwTLBMJu5Y26-tWM_-aLUcQRMXBSMWsRCrWVIyhytA31WXOHCznW5GMW7G47pRWX-RhIXPAFfNrRtP66EOV9ZQCfxR8peqxmAV0Va3iAyVxlBa0qir5CD6jAuQ1FQUmOheyBZr4docUWYeCXH5AUBxdxRvv996oQrqwwzt-7EP8EEvmNYKHZqjsMevx3DS7QbuPaSXuQW_REE41M86UJxhSnFRFhXiPtN9UquaUpVfcu765Xq4AoK9RiXRz_MrcXlBLWaJt9sK7vqxAdnFCu2QYbeBWftXxOA-HT7g_ZAkaK2jB9hdOJzlE4JSNuHoEURy2faSZpH0j5IFsBystSWZy8sLJ6j88Ii1jv5Hkx70fl-8vQT4wpadA1qjAeKGp6-z3Ltgyro6Q12lO2coC45TmoNc14KcrSrfl5HHeKy8vKWmQroaQVsNKRhvSP0uoqegIer-LsfCkKhk7i97WcoRAuALrOBmj6gBcG-hqHSFdQr9HPf356Xnvry2ME4_fXxcONyfuJMGlaS_rMMnJfytQc7i9WaX9aRrXH5XYHk3Kz9Io9bX7nqkj99bu2ATIBd2bvCn3m4a4NiuwNwSgpSfegMXq0eU5qVhUirP9W80mEwUKiMsQgrjf3_9h2IyexTFvr_6HC1qSqQmMbxZl1Eiz0lBIPO51aNWsDdPEbTbBKH86LHx9BYY5VRZLtvK76WhOGNgni1PQXfqJSxKEau5lVM3yeDVv4Rw9yc_Ydw4MyIK3NLIQt3iYA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 050B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=3201935511870513&bg=!Dg2lDUnNAAYUOm8VNDo7ACkAdvg8Wh6O6vX9eGN1Uc-l2-43_-eKXuYuQtT4CIHFWSr8SMAonG3U5QIAAACcUgAAAAJoAQeZAs9BdghmEUok9dNXi0rq6SO2ULYrmZ0hNTF5hhMy52nvPBiNLUe_yKhAdqlOyqrdCnZ0FtVrFd33W90oBRe4pj0FHsfMEwaRVUSQkVRZ9yAtsY0DRdpYzgwONmia9AbO6iQAcHu0OmRR7TmLTlxCrzmS6vTEHlgQtTnrW6Df3yrNdyy3GvZxNT9nCRi5d79ecqtzx8STHmgQ1zCINs113GVr3PJWNASYcdJM-ahG-lNVMqyTwEL5wZLrfyBaonBZtfc43ncjLGfVtygW_D3JgVkqgHKIaO_o440Nxmr8e6FwkKAxo0jOF9Zbkj4tv7y4qk9iVc-S2TsjWPCwMgnQvTtu7O_wHU-fK15SGbw2ffA7MxdI-Cfe_xom3de7CrzjOHXx12i7MZrCalHRLyWAyZfWSSqPAaxz12mRFP8c9qsc8Oy4xtCOvp9XCVacK-roniHu0yIQeTwB1qXZmpktkEA4LW_leEyeGXCKjagh9FYP82yWqQBpjsmmh0eeCR3WRiCSMH7XTGWG42Sofw-fb7fL2gyhsui3-0twMyl6kI7IGXXqow4gGaanYWM2ICVzlbqnR6srfAutvCPYkAiSBFR8FmCD9o3U85-A06rz2sALbwDE_SR2GB0kxGDSCa0HocVpLHjdR_Kll0VLnKAlw0yRwvt1VcmCpBHmRENrXcJudInIFRgCUh5eZwTtvGqANJuvLkoWkVlO6Aw1KFE-xYSvhI44Y1MI2Dc1UX1iwCfEefMBlKsqvNk49myYhiEBkG-DXcONvZr92xYgYtXx4VUvuyTlevjV0Il-_JAiyvITfRgDJRi3mFLZd3YUvj7EOy4eqcR5cK_x8w9Lhu4Vj1xQ0aEP1dLXLuZ-pkWiJtB-Y1vfFuYmiFTxKaS9-LfULqzPbsmrl2_oKmD_opIHDv7vnpW1lNIoqCX188eYGFNH86AHNaa24yWAk5ksB1IJVw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A822 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=1369396865685979&bg=!ZWalZiLNAAYUOm8VNDo7ACkAdvg8WtBQhZNBy1ws1UYHjik2rNs35hVtHan-H6N50ir5euhNL_0PrAIAAACXUgAAAAFoAQeZArD4PkCoTYAVuG5YZdxXG1qm5Ow2dq40aPZOup_evvgpv5nijyB8uO9GgMMCe7IUKwEcnrHE16UcNERQOWV8-0Fo6dMDVJcTMwJl2c4GhnuPiRb2tTroQ0ARudmogIVVznWCSQ74wcZ42ArSxfw2LxV-rBZm9g9ge4-tILg79aAqGbd29mwWewIJkUU4E_lnaMBCDHCiT5lUK5I5RoyYuHmgEmAdAH6qeAZocWGWFieRdkAOaEO4GEs2PP3G0WwUzok3twCSu0d1noJG7VZSjoYY-iU6qQcnandGN4ragtMQqMY196OSrzywOYR7I2wg7E3YNlyymdjgEkDnwkd6hRgilLsHpW3tWVGXYZysIZ1ype-EcPeeAkFE-YunMbZsht-EQm2R6COmB0R4Z2faNZHlYErTOTO2ybqvxXlpoG1QpHyXblA3AKi8wotcHiWirNXzu_AyJQqUTaBtnz6QS9BEdP_GU6Eusl8lI11-bdOlwBL62ntd6MQA_mDehU3QQKKxHJuITBaTBapf1M3OlRS93WVOkHxeM7vsfibePHE-qQgrUKGtMUH_Ue0Xy4J49D8QEZcf4Cisn_-kVZZ--nLfdAwLmRFJv0KI5UvgxvgyGswvdNGIskWkC8EC4Y6gcOrYAnLkq0r5Swgee2kPoAUfD0ytCgtdjk1XE9lg1ScrY9eMKF8v0C835blKF5Reie4JShZucSS5QpoEgbDaqJAV3hsvgCo4lXdAlFnhtZBooqVggC7cDz7o95HqXEpWYYxuJbaIXtB0-7fFCT5sDo3sdRwqCVxQlnnEe0sUR3PgyfQu-yg8AV1vdFwVM_GxdvOzXSNHtRLJIyReG-_eKhVtZ-hfC6SkRB6wW6sE93H_fkzxxbTmlSuSdlrvlDSyfAdmLD0ebCZmpT9HrwO1ytTd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction
Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2409&xuid=ff6545ae-426f-4d00-9b6d-b32eae13e378&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Domain
ad.audience73.com
URL
https://ad.audience73.com/adx_sync?google_gid=CAESEEHnvkvnqGWSew2I0PnWJJM&google_cver=1&google_push=AehlK4ANNrGxu6DC3E9Bu5QO98z-dDl2mrgcz69iwBUpfMcsXaMDhgto6yLWPXPddpvrur6Js5PdrXAWO0dIaAipARsULTRfGOWleg
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=332&uid=e9bf7a9c-6383-4c34-8e35-06c74d088111
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DoXy9cG7Si7zVbXPN0H2oN-VzjuALjGekZzHktgU3rbzg6ECcPM5DKZHTY9VIVLvt
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=283&user_id=b757c3aa-bc9c-4905-b1e8-3e6e1215d4dc&expires=1&user_group=5&ssp=adconductor&bsw_param=ff6545ae-426f-4d00-9b6d-b32eae13e378
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3777101F-7765-4B0C-8FB5-1C30678B2C23
Domain
pool.admedo.com
URL
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ff6545ae-426f-4d00-9b6d-b32eae13e378
Domain
tags.rd.linksynergy.com
URL
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator object| google_reactive_ads_global_state object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| listeningFors number| 3pla function| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_127 object| Criteo_prebid_127 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

71 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQg_GznawwCgoIgQIQg_GznawwCgoI4gEQg_GznawwCgoI5gEQg_GznawwCgoIhwIQg_GznawwCgkICRCD8bOdrDAKCQg6EIPxs52sMAoJCAsQg_GznawwCgoIjAIQg_GznawwCgkIXxCD8bOdrDA=
.aralego.com/ Name: sspid
Value: ca1151b5-e0cd-3e1c-a1dd-669fd7e348d0
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: a28f42aa-c10e-4c05-943d-8d7bae17eb3b
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 95ecf9f4-d283-4231-a958-76b716039a83
.adpushup.com/ Name: ap_uid
Value: a49a95c0-21cd-11ed-a0fc-000d3aa18564
.adpushup.com/ Name: ap_usid
Value: a49a95c1-21cd-11ed-a0fc-000d3aa18564
.openx.net/ Name: i
Value: 95ecf9f4-d283-4231-a958-76b716039a83|1661140263
.bg3.co/ Name: __gpi
Value: UID=000008dec8ac2ceb:T=1661140263:RT=1661140263:S=ALNI_Mb0Q3maZMcwdrYC10dcZG6nRWCQ5Q
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwp_qLmAY4AUABSAEQp_qLmAYYAA..
.adnxs.com/ Name: uuid2
Value: 743498007902742434
.rubiconproject.com/ Name: khaos
Value: L7480UET-18-BG0B
.prebid.a-mo.net/ Name: __amc
Value: 1_1661140263_1661140263
.a-mo.net/ Name: amuid2
Value: 46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
.prebid.a-mo.net/ Name: sd_amuid2
Value: 46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
www.bg3.co/ Name: cto_bidid
Value: lyTJrl9XUThySlFiSFNDRlR2RUlWUTdib3JKbEd2R3Q3c1NpdWozT25JSkE5c3pHblBjUFd1aTE5OThCS1lUQ0oxZXJKNGtlMTRrUEh4eCUyQlclMkZYVndveTR2TlElM0QlM0Q
www.bg3.co/ Name: cto_bundle
Value: bY5ktl9BOU1sTkc5a29vdnJLS1pSJTJGZjExeHRpeCUyQkt2Zmx3SjhXS1MlMkYwV2JDVERXRkY5dERiNGFQMUxWQWJvVVlVb1lySmVkSlhsTENqYzk4OWRQT3Q2YTJ5amhBQ3k5RFlLVmxuQ1M2NnZ1dDVKQSUzRA
.teads.tv/ Name: tt_viewer
Value: f13830a5-fa8f-452b-84c8-5242fd0d5548
.quantserve.com/ Name: mc
Value: 6302fd28-13ed3-528af-5b665
.bg3.co/ Name: __qca
Value: P0-375065468-1661140263977
.bg3.co/ Name: _ga
Value: GA1.1.806427578.1661140265
.bg3.co/ Name: __gads
Value: ID=e392b00f4598d0c6:T=1661140263:S=ALNI_MYZR_2aN3WUahh6QyrUdC5Q-5rRfA
.doubleclick.net/ Name: IDE
Value: AHWqTUlboEnvzkYVkwcXNcZcrj-bkOAz-qX5uiBlJbTq6-Xqc7bbAVL-Wysuofmuefc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1661140265.1.0.1661140268.0.0.0
.adsrvr.org/ Name: TDID
Value: 0a600e4e-96d4-4f57-a4f7-77818b1f684d
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%220a600e4e-96d4-4f57-a4f7-77818b1f684d%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-22T03%3A51%3A08%22%7D
.openx.net/ Name: pd
Value: v2|1661140268|jElYiuvOiahI
.yahoo.com/ Name: A3
Value: d=AQABBCz9AmMCEGg2gAq8tAPs-WEytbo159sFEgEBAQFOBGMMYwAAAAAA_eMAAA&S=AQAAAqE5JbCJlCn_3MFI3d7YeBY
.3lift.com/ Name: tluid
Value: 6202850579133987121
.openx.net/ Name: univ_id
Value: 537072971|0a600e4e-96d4-4f57-a4f7-77818b1f684d|1661140269051489
.c.appier.net/ Name: _auid
Value: hve6EEXJAXGMeVhlLf0CYw
.c.appier.net/ Name: _gu
Value: CAESED-eiZmx2sfxWXby-CS8xhI
.analytics.yahoo.com/ Name: IDSYNC
Value: 196y~26q3
.blismedia.com/ Name: b
Value: 6302FD2D0017E60B1B458FEBBLIS
.tribalfusion.com/ Name: ANON_ID
Value: a9nsIHs2aF9pAJsbYLnZblYwKrdp2CX9jiB1HYCrdNiP0Ur44U8SijSlZdFHbfLnewSId9MgQanqdDrMKSUy6ukDxv
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjQ2YzBlYThkLWJhMDMtNDVmOC05MTVkLWI3Y2M5NzhiYjBlZSIsImV4cGlyZXMiOiIyMDIyLTA5LTA1VDAzOjUxOjA5LjQyMTY0NDQzNloifSwicnViaWNvbiI6eyJ1aWQiOiJMNzQ4MFVFVC0xOC1CRzBCIiwiZXhwaXJlcyI6IjIwMjItMDktMDVUMDM6NTE6MDkuNDIwNzM0NTExWiJ9fSwiYmRheSI6IjIwMjItMDgtMjJUMDM6NTE6MDkuNDIwNzMzMTYzWiJ9
.dotomi.com/ Name: DotomiTest
Value: 5162947192df2058
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYxMTQwMjY5fQ
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mx.com/ Name: amuid2
Value: 46c0ea8d-ba03-45f8-915d-b7cc978bb0ee
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.quantserve.com/ Name: d
Value: EEsBCQH1JoEA
.turn.com/ Name: uid
Value: 3197216183288605362
.casalemedia.com/ Name: CMID
Value: YwL9Lfw24S4I4MKePM2kEQAA
.casalemedia.com/ Name: CMPS
Value: 261
.casalemedia.com/ Name: CMPRO
Value: 261
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2E?hgSh9.!]tbP6j2F-.o%/6/guKFUau[(_=e9#:BgyaY7OWTQ1wI7^/1lDSHGK]Gm`iPT`tqI1c<ZNuG(viP-HC_#u##n*b7:8
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNDZjMGVhOGQtYmEwMy00NWY4LTkxNWQtYjdjYzk3OGJiMGVlIiwiZXhwaXJlcyI6IjIwMjItMTEtMjBUMDM6NTE6MDlaIn19LCJiaXJ0aGRheSI6IjIwMjItMDgtMjJUMDM6NTE6MDlaIn0=
.ladsp.com/ Name: cr
Value: 1
.bing.com/ Name: MUID
Value: 12941145AB8963E53210034DAABB628F
.c.bing.com/ Name: MR
Value: 0
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.linkedin.com/ Name: li_sugr
Value: 92782178-f6df-422b-8aa9-18da9346a5d4
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&192daa47-daf3-4caf-8bb1-da9d2188d700"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2896:u=1:x=1:i=1661140269:t=1661226669:v=2:sig=AQEYheR0TIC_dRSbHxQA1Mc2mk8BS7sy"
.media.net/ Name: visitor-id
Value: 3041418696833452000V10
.socdm.com/ Name: SOC
Value: YwL9LcCo5uYAAO49YTQAAAAA
.zemanta.com/ Name: zuid
Value: RUDPqykgPqPudohFazgS
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.media.net/ Name: data-ttd
Value: 0a600e4e-96d4-4f57-a4f7-77818b1f684d~~1
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCO6Xnczy_oE7EAUSFgoHcnViaWNvbhILCNSc2NHy_oE7EAUYASACKAIyCwja8M_9iP-BOxAFOAFaBzhtMzN6azRgAg..
.smartadserver.com/ Name: pid
Value: 3775013826742675334
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwL9LQAINHkEXAAK
.media.net/ Name: data-o
Value: 8e6caf32-d004-4726-90c1-c031c0cb3ba2~~8
.ladsp.com/ Name: smn_uid
Value: H1WBreaWH8qe_kna2-g_bQ7Glt2nviY
.ladsp.com/ Name: lum
Value: CNj2s52sMBIFCAMQ0AU
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLbUU8/ocbn8bUyebV3a1stx17MlJHm2sfxU/6a1r7ymitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1EmA5m/0RLi7+t87ZpM6MNOg=

4 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-tan-liang-jian-ban-luo-wu-tou-nu-shi-chong-shang-an-you-ke-xia-pi-bao-jing-zhen-xiang-chao-hai-xiu.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad.audience73.com/adx_sync?google_gid=CAESEEHnvkvnqGWSew2I0PnWJJM&google_cver=1&google_push=AehlK4ANNrGxu6DC3E9Bu5QO98z-dDl2mrgcz69iwBUpfMcsXaMDhgto6yLWPXPddpvrur6Js5PdrXAWO0dIaAipARsULTRfGOWleg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22d38692baae50e942027f94a0692fd3.safeframe.googlesyndication.com
9ae9d187ea7c7cce2a5abf32f2fd32d0.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.audience73.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
app.cauly.co.kr
assets.a-mo.net
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
c81b7725fb2574a4e0cac51dc1610615.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d-2610030963545689271.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mts0.google.com
mweb.ck.inmobi.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.aniview.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
qsearch-a.akamaihd.net
r.turn.com
rr1---sn-ntqe6n7k.googlevideo.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.fout.jp
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
visitor.omnitagjs.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
ad.audience73.com
ads.servenobid.com
c1.adform.net
cms.quantserve.com
eb2.3lift.com
hb-api.omnitagjs.com
pool.admedo.com
rtb.adxpremium.services
tags.rd.linksynergy.com
visitor.omnitagjs.com
x.bidswitch.net
103.229.10.171
103.229.206.240
103.231.98.194
103.231.98.203
103.254.153.160
104.16.87.20
104.18.102.194
104.18.13.76
104.18.18.126
104.18.19.126
104.18.35.11
104.19.159.19
104.19.173.108
104.21.41.253
104.211.156.162
104.254.150.228
104.254.151.68
104.26.4.103
104.45.178.220
104.65.229.32
104.83.196.24
104.83.197.63
13.107.21.200
13.107.42.14
13.114.41.24
13.76.45.37
133.186.161.88
135.125.160.77
139.162.23.100
139.99.49.250
141.95.98.67
142.250.219.3
142.251.10.154
142.251.10.155
142.251.12.154
142.251.12.94
142.251.12.97
145.40.89.200
151.101.1.44
151.101.193.108
151.101.2.49
159.203.145.121
169.197.150.8
169.45.107.147
172.104.45.159
172.217.194.102
172.217.194.155
172.217.194.95
172.67.72.16
173.194.28.102
174.137.133.49
18.136.32.109
18.138.18.111
18.178.218.220
18.198.190.98
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
185.183.112.148
185.184.8.90
193.122.174.27
195.5.165.20
198.8.71.129
20.127.253.7
202.131.200.84
202.232.238.37
202.241.208.100
209.191.163.210
209.58.188.181
23.106.127.38
23.106.127.39
23.106.127.53
23.15.111.217
23.15.148.136
23.36.252.26
23.72.44.196
23.72.44.239
3.1.14.27
3.1.183.6
3.113.229.60
3.115.209.30
34.102.253.54
34.107.148.139
34.227.131.62
34.96.105.8
34.98.64.218
35.169.131.238
35.186.193.173
35.186.253.211
35.190.60.146
35.213.109.249
35.213.12.39
35.244.159.8
35.71.131.137
35.71.178.8
35.72.150.84
37.157.6.241
42.99.128.160
42.99.140.161
42.99.140.201
44.195.112.134
50.116.239.135
52.2.211.96
52.213.181.231
52.220.229.2
52.46.143.56
52.74.13.196
52.76.225.46
52.77.77.30
52.84.45.129
52.95.125.22
54.146.105.203
54.164.39.11
54.174.20.147
54.192.150.114
54.192.150.119
54.192.150.50
54.192.150.58
54.238.120.71
54.255.144.233
54.64.4.232
54.82.201.159
64.202.112.223
67.199.150.81
67.199.150.82
67.199.150.85
69.16.175.10
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.156
74.125.200.132
74.125.24.132
74.125.24.147
74.125.24.155
74.125.24.94
74.214.196.131
8.43.72.97
84.17.37.44
88.214.206.247
89.207.22.105
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
01d28732fdbf3287703d5342fd4c3c0187682033c9978c4b0fa3ea8fe41ceb26
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06480b7e3810bc630cb0db02a74888ff10148c202127c703b3da4ca93d48d4d9
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
07911f80d027f5d10a099a849cadfec5d9b62cc21897b8d6688a587642d43e14
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a0473e70c20d0677b5d6a9cb050e7a3c5a0e644a1eec0131379fd96745d9c44
0a9906e691335ab30f64396b06cf01d4ffe4dc7b431a545a3e534c31bf3255bf
0aa98ae796b11e97f2fa0e1e6489cecb276df9b7a0496b3f242ca43fa80d2edb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d10a2de2936c6a653e97da68fdb2f222ea25243772a4db309afa06b4f0bfa18
0e0a8e6c28f25fe5d3a02350c2dd08f8d1a4a73bb7d898d2cd2abbc5ab1d1013
0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a
0f641a5823444423b64704a1510ca5a9221a7cd12d85b759ecc7fd41a86826c3
10259d1ed95c13540a25ed7b7ca4d75294b8f69c7c4ec32832efa9954bbbb97d
1122028cbee3f3b4da51e736a5bc7e0265be4e3df5b91abffbbfd0a667e93272
117b1f9ce8440b0896d528a4172bfa4d94616993534f5b9cb277b0eea4c50c43
11a8bbdc475674e45e5df9320d2dac3cfd2f173373b538fb84ffc5a93623eb7f
1426378fc6dca28cbdd1d0c75221e662374f35d212525bebf6cea41164822533
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
163bfb71e678051ec4084f1b780bc6f561a55b923d335b4450a76223fe0ad819
165e52d852a9caed593ba5954f40f0de261bd91c42b9de944f3c09f9dd4a7e5d
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190cf577c0c3529de7368d8660aa30c625a7bf5c5e724c2eb6309b535cf25e5e
1959448826d3dca4f7710e7c47fd548f199b393888f879e0c788c208f4085ad5
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1e44b74464c41833096dc8da6bd29299e868fabb9fef4c4f5ce9036cbbc9e905
1e69fc7f240d5cc0fdc344374a19e4fcd46c9dd22e86437900d25e26a6f43574
20bae632845403fa004243570edc3bbbfc17fe6b771816bf13c7b52f7d043d7d
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a32f145ebce429e33c7295b9ee1f383ae8b8cf476bd137924c2f26636003087
3057368a96c56c12aeeb96ba4bc5700265696e2e69ce3c1672d063118f91f99b
31d817c1a430a822a314276c5b5e8460ce60b8e32e0631931e2c3ef42d492557
320d35a22bcea4c087fb12d90f8ec4e080f7ddb5cad2c7f45e0fcaa024f03bbf
3260174f0103f75b0b825a531cbf4431c9700ec73271d56945d3e4564e9426f3
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33af763fd0ebc3726beaa69cce9c895aff120e5c7108fe3aab5fd534520abfe3
354bf21bfb9d61843e2f6b0def0edd63b3c2dc9299aa78484259089dc69be819
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374584442f82c03dea97d056c31939debcf62f80deabae4053cf3b226c5afb66
377cb99bdd97fa07bd52eb67b3f1af94539d08b75264ad82f5cbaab2887c9b14
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37c4de34d63a769957d7baa0840538ad77025bd63c2b78766519b89699f90c33
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6d819eef13cded79f65719b50259da5997709d37bafd06bafdfe66d9e16128
3e868b68ba4e38b08bbdd3e4270ccb126982f8e2cc67c1e6a5649c584a45ed43
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42d0048eb4f1646f6ad14db53b18c50d4c0b62ac90f71627037bd40e39bbc755
42ffa1e4fb948fdd96c9e8822ec5e8022eb3fa6e752ae04582b46f99eaa6766a
456e932a07f55b74d0fc86f51b6a82a1b5a3b0ddbc707baadf908820977b0617
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4942982e3e43d32668431a1025248255e5d7ae732890f9ce86c4aba29e762d52
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
52147dd3104e8f66d771bdfee1be4e1c0bcdd2d8d82f4c9f26285bfbbe1d2d39
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
549fd811355173a6e1ecf68fca56fe912d8f0dab62b48c3a5d9b56314d380964
5569fd3d29f4d2c5e1a0d42879aedcacd5be91c7499915cca274c3d5f9485065
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56368d49f4817b9887057f7f88a7b70edf279bccec0acf04f046763f96ec8f25
5658d2f4a61c3d6ea2b10b42f1503899eb68d0a2551d37ae41cecf530f32ed45
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
572889b0e72056d44be4fcb5e851c27590aba1cb763fcff2d90f98dd9f9088bb
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58f2621b2d0befb7ec2e5a958cfb2c9699ee0860b281307f900f237bdb36ce5b
597d97e1b73655fc8ab70cb95344b5878ab8142c1f5353cf9427deee83ff35dd
5a40d49932c7a63adc7f684b46332ae923c8e0148b3ed3b2e777004eb4c9f3ef
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
5c9d0358c8ebee35ba7f6eede940efb4172460a76ed1838fdbe23ebc9f73a780
5ccd15f4d57172a883f1e07947fcc76efa0d81819b2c72b80032446c824f2b51
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88
5f6a8b95c8ccbd093e86f2fef21a8e0517f1c6951c764aca6a6746d7cef2aaf2
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6055603d3e8af8889eae1bf7e3c345d9643ffa5ab9413b7068f1f24431e93b65
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
657465b80b6b28e3bd6f7d1d2ff420208a7021f7ab49decfd4b1b87b9ec41c88
66290306acdce22c511f270b9a157c5a2f4f5a75e4a685d7e6e1ade3679d2f3f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68d7603936287ec5483156f16773b1fe571e360b3450a03a5cfdd9a46e303565
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bf85f1310ec2e19b5342b3dbb469344d3e5f0b6919cec977bd14820feaa8a03
705fb8ab56fbf24a043e6d91c0a24284a4a3c6fff2011ec5e51c4cabfb872923
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
7129b13e1fc5ac8ce5576efc8a114388c22d144c36f778bb481a8a3e48435449
72a07994c057f2624a5677259e731b7bbf3ae4feb4ac3539aa8bfb294b03a388
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aa5aed44c586034cb5f6807292dbb5b2a23a5d1c24c43383e2884e446c93fd1
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
814380b01b416e69562ee76a77f41c851fb46c70b1b568af1f38c18e843f06ba
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
85eebf29ba90a6d0cab377dc70e5ac6113a378397be48ad4ef0ccb3b7eeffdb6
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
887fc46f3b4b9f5b4976c9eb04622c1c1fefccffb52ea9011afde8a175df5af5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8dd34b01af2607765874170f05d9d113f9b94b74aaaba7239860d9ecb27b86f7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9635bb0b603b2bae789d9b8147be13d1c967a04afdab2301f0bdbebd6a07499e
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a0281357fd67062678e0f94adc9cb3317b327c7c0bcdb9cd825e871fef23cee0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28cc4ae9eec1c120a648c49d45fe5d7234c6a9b22067112472cbd1fc09e26b1
a4190b9c5f8a1bcd3b415017bd8b7695bb316c9792ae2bd7d8a9bd4067e8e5ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a98a520d51adb642123bc61ed5da6c39eca72b1d48d286948b9865db9c7f5044
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b13574f0328525ad255ce5eadb2aae1169eaadaa2dc0bd2127666463ebe1e8cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
b82bf2f25434a76e0d9bc08f1101d9b89c52bd9d122eb7707bdf70b6aae29346
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf491029ae855be81c5c4a9f3cccf53f63bc9b276f45d52f0f8c0520eb3c531f
bfbd8c3deb99d7413bd307b503c1b8be39194efa874920283eda9d57a696b5ba
c03cead1566dc6b3d2b5c7839fd5348ec5d3b06afb477f04848edb16184a69be
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720
c378be2146055cc28a4798a39e9f59d013dd556a1d11842ce4a59e8aa38ec8a3
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c53f4706b6959f19ff2d7b6ac019b91cb3eb325d8e5024c6613e226506d6d71e
c6b79d0d39982b00857d3eb6e62a48d1dc07b2c86682d8c7ae79f9800d502924
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
cace5323af14053509cfa0a23c408f10b7d83fd978a149fb76f011db3c09aef0
cd0664c5916dc02a70d2be53a65af5b45e545c59936801c6b33b64bb4b6d424a
cdd4c9c54a988c06e93f9c7d5a1c825f2d696b5c82c1c2cb931c0d0e6087ed40
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa670a6f80b6f904228dd50d55f885bf6595b202c716d10fa1e2087b2fc71e5
d163dcbc56957d75348b361ca89d3c1a214d38eb3968031387dc6d96f568d02f
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
dca67579e781089845e02e5ae6dcc854f3d69f4ddcbd493c3ef535aebae5968f
deb2d96ed6f3ffb08ba686606bb2f27865ec19eadb376d359e4bfffb267d20cd
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e9a1855fc9973ebd70d89e8598df49ad2b4515e72e3eb157add2727f06cd9dd1
eb8a5311074ac975aa958800bbd6407df02f96a7f055b5cedea39d23b7226079
eb8f239a09acfe37716affe5cde3b63e852c0fb33f34b88551c7278afa168227
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee1b361d4e867f92f0a603315c565725a7ceb394d621ba6b804e280d95d043fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e6285f4491c162ed31a117d85f162c73f32bd2fcdac55de82bc4e3282cf99e
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7f07801cc1c660edd15eb7528fae7d8ce94244c80a29e81da1ae04669b84e12
fb493b5c435237664fb8719d43c0a020b882900ecfa77d548bbed79ef3f00b15
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e