www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

• https://ads.aralego.com/sdk HTTP 301
• https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

Request Chain 65

• https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712245704&bpp=13&bdt=1417&idt=730&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=1448250680542&frm=23&ife=1&pv=2&ga_vid=1634083431.1661712246&ga_sid=1661712246&ga_hid=1157950055&ga_fc=0&ga_cid=amp-JiCQ5zinqqxk-NJ_PmvHyQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1624&biw=1600&bih=1200&isw=336&ish=280&ifk=3800679182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069108%2C31062931%2C31068920&oid=2&pvsid=1727499833572828&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m8x856iz0usw&btvi=1&fsb=1&dtd=748 HTTP 302
• https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html

Request Chain 69

• https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712245722&bpp=11&bdt=1453&idt=751&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=1448250680542&frm=23&ife=1&pv=1&ga_vid=150588634.1661712246&ga_sid=1661712246&ga_hid=2073036284&ga_fc=0&ga_cid=amp-JiCQ5zinqqxk-NJ_PmvHyQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4268532754&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44768832&oid=2&pvsid=415273921944129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2mjv46lq7nbz&fsb=1&dtd=768 HTTP 302
• https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html

Request Chain 143

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&C=1

Request Chain 144

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywu3eIqvCeQB.X3n-s5X0wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&google_hm=2

Request Chain 145

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEM1xMx0XBl2MFZGocNqwzPM&google_cver=1

Request Chain 146

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0Njc2MjY3OTcyMjgwMjc3OA%3D%3D

Request Chain 157

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfyscxTgyExVjb2hsjkqu8&google_cver=1

Request Chain 158

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTVjZjVhZjctNjE1Yi0yZTg2LWZhODUtMmNjZTNiYWExY2Fk

Request Chain 159

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESEG1zCzCCOvCQr91AKTusps4&google_cver=1

Request Chain 160

• https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDE4YmU1YzQtNzc2Yi00ODljLTk5YTMtOWU5ZjdkZmE0NTQ1

Request Chain 177

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKy2g4k862yYEjczEW_g7RE&google_cver=1&google_push=AehlK4A8cqtsGxlCZg29o7Ryjx-9WSfeqbz5OBIXsAH6PoV6XO1EbIaEm8CWjSAEo9S_P_jorqFAVKVKA0E83WxUt0ZrQ525ivs8RbTQ7V9x36U_SdsJBTBL14e-TFdvEW12ctKevtUkthHjqijl9CIqdms HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4A8cqtsGxlCZg29o7Ryjx-9WSfeqbz5OBIXsAH6PoV6XO1EbIaEm8CWjSAEo9S_P_jorqFAVKVKA0E83WxUt0ZrQ525ivs8RbTQ7V9x36U_SdsJBTBL14e-TFdvEW12ctKevtUkthHjqijl9CIqdms

Request Chain 178

• https://um.simpli.fi/gp_match?google_gid=CAESEMAoRtq_xhIEJreoerSDbrw&google_cver=1&google_push=AehlK4DTmGWGX00DxcsvGGpYU75rmaVFIa1ZWN9Nq3HiTw3TlX0hVx5SMzBdApkdpSEn8SbvfdPX3M9suwfhe1TrBXNZ0CGXX05hTyK4cWwuVBX0NlAzO_BstZTrWG6YO7S8e2K1mBAlgJfHY1Y7qgPmTd4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E9700BD027DA4A4AB62D546AEC99B060&google_push=AehlK4DTmGWGX00DxcsvGGpYU75rmaVFIa1ZWN9Nq3HiTw3TlX0hVx5SMzBdApkdpSEn8SbvfdPX3M9suwfhe1TrBXNZ0CGXX05hTyK4cWwuVBX0NlAzO_BstZTrWG6YO7S8e2K1mBAlgJfHY1Y7qgPmTd4

Request Chain 179

• https://a.c.appier.net/gcm?google_gid=CAESEJYhmir7_j2MYw3sgjIqbJw&google_cver=1&google_push=AehlK4CPa4sOtwuGTFVhbhAN1Pq4mYLDM4zYOvs6l6SrfF7epB1bE0_S5EttQ1_7qx9V-ZwCiC5MpOLTvMKwiBVh9p2WannaqbtLvp6Um_cdnHU1BYoBw5vsvIzVJJBeBz9trHJ9_wF0ZzItvIqWbd6vSVQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MnpNZmFTM0JCREd5dGF2amViY0xZdw%3D%3D&google_push=AehlK4CPa4sOtwuGTFVhbhAN1Pq4mYLDM4zYOvs6l6SrfF7epB1bE0_S5EttQ1_7qx9V-ZwCiC5MpOLTvMKwiBVh9p2WannaqbtLvp6Um_cdnHU1BYoBw5vsvIzVJJBeBz9trHJ9_wF0ZzItvIqWbd6vSVQ

Request Chain 180

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECmkFLu4ZpjVGRGURsnh7jM&google_cver=1&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ihL23fpnDSC-nAKc_kk8FOsYleObsD5Gvnuv7CB0yem1so9VIjItpegytkGbL03PYGJNxuNU HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECmkFLu4ZpjVGRGURsnh7jM&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ihL23fpnDSC-nAKc_kk8FOsYleObsD5Gvnuv7CB0yem1so9VIjItpegytkGbL03PYGJNxuNU&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ihL23fpnDSC-nAKc_kk8FOsYleObsD5Gvnuv7CB0yem1so9VIjItpegytkGbL03PYGJNxuNU&google_hm=VkN6QVgxbEhLdGdHUkpDZmFVb2Y=

Request Chain 181

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMoWMg-ufAobo9Ph2T4268Q&google_cver=1&google_push=AehlK4BQT4VWBYPoaThBJFjAJ7Zc7Yn8wfBkT2kD47s8KOAGj3umYUFflWn2JZoEWaDApvQc6pZ_JtiTdhCgE3bUrkZF2ll7nVRU09RIrAsPCxBbhOkUbzLbsSK3uFQ30ZLQ7IlVpU5cezJAnAUcLvd9Xiw HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMoWMg-ufAobo9Ph2T4268Q&google_push=AehlK4BQT4VWBYPoaThBJFjAJ7Zc7Yn8wfBkT2kD47s8KOAGj3umYUFflWn2JZoEWaDApvQc6pZ_JtiTdhCgE3bUrkZF2ll7nVRU09RIrAsPCxBbhOkUbzLbsSK3uFQ30ZLQ7IlVpU5cezJAnAUcLvd9Xiw&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BQT4VWBYPoaThBJFjAJ7Zc7Yn8wfBkT2kD47s8KOAGj3umYUFflWn2JZoEWaDApvQc6pZ_JtiTdhCgE3bUrkZF2ll7nVRU09RIrAsPCxBbhOkUbzLbsSK3uFQ30ZLQ7IlVpU5cezJAnAUcLvd9Xiw&google_hm=VkN6QVgxbEhLdGdHUkpDZmFVb2Y= HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

Request Chain 182

• https://an.yandex.ru/mapuid/google/CAESEIiLXHSWo_XJm_NklQtrqX4?ext-param=AehlK4DLoe781NGmVUf3Xthj2SIvkaSGOxmpCAYP03Dxvuludj3FE5BTRj54qYOAspzKK55-3G0BcBUWh5lAcss6KxjvhByGFFW9_2iBTetwUdYg8S6L7GuYDDp31K48DWjHYY40WyG6-gO33Q5KY3FDG3S4&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://an.yandex.ru/mapuid/google/CAESEIiLXHSWo_XJm_NklQtrqX4?redir-setuniq=1&ext-param=AehlK4DLoe781NGmVUf3Xthj2SIvkaSGOxmpCAYP03Dxvuludj3FE5BTRj54qYOAspzKK55-3G0BcBUWh5lAcss6KxjvhByGFFW9_2iBTetwUdYg8S6L7GuYDDp31K48DWjHYY40WyG6-gO33Q5KY3FDG3S4&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIiLXHSWo_XJm_NklQtrqX4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 186

• https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_cver=1&google_push=AehlK4CCNUh3AwLMD8uWzUsaTqM1ti2sq-ufI9FHXDy4-mZMsZj3uQZV6d8PvDG46-78E9iAmLMhAH6pcE5YmYVgnwlgfHUFOZkrVzjMzkG0xLq5cL76y4eYd_yCsiv3N6qCCDrZhWCvaH0 HTTP 302
• https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1f3e190bebc020bb&is_secure=true&networkId=14000&version=1&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_cver=1&google_push=AehlK4CCNUh3AwLMD8uWzUsaTqM1ti2sq-ufI9FHXDy4-mZMsZj3uQZV6d8PvDG46-78E9iAmLMhAH6pcE5YmYVgnwlgfHUFOZkrVzjMzkG0xLq5cL76y4eYd_yCsiv3N6qCCDrZhWCvaH0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMOwe_fNZYYQM0IM2nAAAAAAA&expiration=1661798650&google_cver=1&is_secure=true&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_push=AehlK4CCNUh3AwLMD8uWzUsaTqM1ti2sq-ufI9FHXDy4-mZMsZj3uQZV6d8PvDG46-78E9iAmLMhAH6pcE5YmYVgnwlgfHUFOZkrVzjMzkG0xLq5cL76y4eYd_yCsiv3N6qCCDrZhWCvaH0

Request Chain 187

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cver=1&google_push=AehlK4BVrWtl8WRgGcQikRkTEik445W7McxTMyrgi-KZDiaFeww7KC6MSnAaVvhZtOxNLePPgLaLZRHCmSgLnnZHQB3heQHvZCup5qZuYVKL87LKms-90f4BJHP_hOaxAiUsMNvq339UEtB1 HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cver=1&google_push=AehlK4BVrWtl8WRgGcQikRkTEik445W7McxTMyrgi-KZDiaFeww7KC6MSnAaVvhZtOxNLePPgLaLZRHCmSgLnnZHQB3heQHvZCup5qZuYVKL87LKms-90f4BJHP_hOaxAiUsMNvq339UEtB1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OFY3cVRPVDQxT3NuZ3Q1&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cver=1&google_push=AehlK4BVrWtl8WRgGcQikRkTEik445W7McxTMyrgi-KZDiaFeww7KC6MSnAaVvhZtOxNLePPgLaLZRHCmSgLnnZHQB3heQHvZCup5qZuYVKL87LKms-90f4BJHP_hOaxAiUsMNvq339UEtB1

Request Chain 189

• https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1&google_push=AehlK4AuVShzhLyyJm0w1uZSiRmENtk-ctUdR2c3n7naYPVFeSU4x0WLkk_TItMdGbSQ0U_BRQekuY0YhzLd2b5q97epXLaja857GJHspY--qubMU5xaxRdLh8a6OLAFfikuT7Z8WKngx0F4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXd1M2VjQ284WHNBQUNZQTF3b0FBQUFB HTTP 302
• https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1

Request Chain 190

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGfolD_4hbkc-1Rnhl-Ldg&google_cver=1&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpNIxf5bdYY6QafjUhPTzldUc0ehrCCHqYET1mgbjZ9bjuze9TSrkM HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENGfolD_4hbkc-1Rnhl-Ldg&google_cver=1&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpNIxf5bdYY6QafjUhPTzldUc0ehrCCHqYET1mgbjZ9bjuze9TSrkM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpNIxf5bdYY6QafjUhPTzldUc0ehrCCHqYET1mgbjZ9bjuze9TSrkM&google_hm=nTfbPnhsQmuLGkFt5bXDOA==

Request Chain 191

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrR2m44NzUutqiZ1D7hOCk&google_cver=1&google_push=AehlK4DgsVim_cN32DZXwRNAwgCaSDe_po7nbJg75u9BBpcAzmq4jXF6tmOPY_jb1tiSRzY26rPteHKMp7Bk3yC2OVeIGlyRMzVsrqGkWvQnjeRwDxOOtq-CKOdlf3VdM1VWSPuzZBqc4ulX HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrR2m44NzUutqiZ1D7hOCk&google_cver=1&google_push=AehlK4DgsVim_cN32DZXwRNAwgCaSDe_po7nbJg75u9BBpcAzmq4jXF6tmOPY_jb1tiSRzY26rPteHKMp7Bk3yC2OVeIGlyRMzVsrqGkWvQnjeRwDxOOtq-CKOdlf3VdM1VWSPuzZBqc4ulX&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dje4jBngS2mPXvQ0bj6wNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DgsVim_cN32DZXwRNAwgCaSDe_po7nbJg75u9BBpcAzmq4jXF6tmOPY_jb1tiSRzY26rPteHKMp7Bk3yC2OVeIGlyRMzVsrqGkWvQnjeRwDxOOtq-CKOdlf3VdM1VWSPuzZBqc4ulX

Request Chain 192

• https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGWH5Zd7q9MkctkgYMr01nk&google_cver=1&google_push=AehlK4DJdy4sLAjOq_ymOc2B6OqN8AzyTUwm_Cf6LFQ6qkBdrt_c6-auA0-dPMUaTctDIfFuF-UtSAkPFvD1qfz3Lfb5yt5221hMIF1tx9RSkQqQx25OkQO_sqwmrzIn4VGueWYEXiZQ_BuTQQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTcxYTllNTktMTI3Yi00ZmM0LTgzYTItMWQwYWQ1MTkxNTk4&google_push=AehlK4DJdy4sLAjOq_ymOc2B6OqN8AzyTUwm_Cf6LFQ6qkBdrt_c6-auA0-dPMUaTctDIfFuF-UtSAkPFvD1qfz3Lfb5yt5221hMIF1tx9RSkQqQx25OkQO_sqwmrzIn4VGueWYEXiZQ_BuTQQ

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Show response www.bg3.co/a/	56 KB 17 KB	1323ms 911ms	Document text/html	84.17.37.44 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-37-44.cdn77.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 0ea8f56101acbdba14ac9b5280ae5723b272a0a9f68b9946c41409cfbdaa9c28 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control max-age=3600 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 28 Aug 2022 18:44:03 GMT ETag "df3c-S3u/nPfjBg3GUb25GeEICctODtM" Expires Sun, 28 Aug 2022 19:44:03 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	v0.js Show response cdn.ampproject.org/	276 KB 72 KB	521ms 170ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72591 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 18:44:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control private, max-age=3000, stale-while-revalidate=1206600 etag "d68ac0b6f7bd5a0e" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 28 Aug 2022 18:44:03 GMT
GET H2	200	amp-sidebar-0.1.js Show response cdn.ampproject.org/v0/	31 KB 10 KB	870ms 519ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-sidebar-0.1.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 5c6e81664d4eceb22dec97dcfdf650d9043fe61c43c6a0bcfb8cb545a3bb6317 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9674 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 18:44:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control private, max-age=604800, stale-while-revalidate=604800 etag "c8d982af404eb30c" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 28 Aug 2022 18:44:03 GMT
GET H2	200	amp-auto-ads-0.1.js Show response cdn.ampproject.org/v0/	24 KB 8 KB	834ms 503ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash d1555f710e3e03e1b2a96c77e01a8d363d3d2617884e6a42f2dd7211c1b4dc07 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7577 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 18:44:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control private, max-age=604800, stale-while-revalidate=604800 etag "ba4554cc3d824f7e" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 28 Aug 2022 18:44:03 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/v0/	109 KB 31 KB	871ms 541ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash cbcdb4c75801db2fc6e6686038fd68c3512f262c3e256ef1df50978975a699e5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32017 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 18:44:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control private, max-age=604800, stale-while-revalidate=604800 etag "c18a359d5e98957d" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 28 Aug 2022 18:44:03 GMT
GET H2	200	sdk Show response cdn.aralego.net/ucfad/sdk/apac-sg/ Redirect Chain https://ads.aralego.com/sdk https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk	42 KB 43 KB	280ms 98ms	Script application/octet-stream	104.26.5.103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Server 104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43300 last-modified Mon, 25 Jul 2022 08:38:19 GMT server cloudflare etag "62de567b-a924" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6zu0%2BK5wKtHIIJB62cyInFpdzW%2B%2BBummaghfjhOaZ%2B08IIP2fslV3dUlDGUWnq8PgJv8eKDWzYtbA8JDu0pW%2FCGZYd2qbmJJzx%2F5IAbgm%2F%2FHq2Zs%2F7FeqJSwKFa6tJioQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 741f32364c7a5ac0-MEL Redirect headers Location https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk Connection close Content-length 0
GET H2	200	adRecover.js Show response delivery.adrecover.com/43519/	35 KB 10 KB	1226ms 303ms	Script application/javascript	42.99.140.201 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Full URL https://delivery.adrecover.com/43519/adRecover.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-201.pacnet.net Software nginx/1.18.0 / Resource Hash 96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:04 GMT content-encoding br last-modified Sun, 28 Aug 2022 07:00:18 GMT server nginx/1.18.0 vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=3600 server-timing cdn-cache; desc=HIT, edge; dur=1 x-cf-geodata AU content-type application/javascript content-length 9527 expires Sun, 28 Aug 2022 19:44:04 GMT
GET H2	200	adpushup.js Show response cdn.adpushup.com/42753/	514 KB 119 KB	1222ms 306ms	Script application/javascript	42.99.140.161 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/42753/adpushup.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-161.pacnet.net Software nginx/1.18.0 / Resource Hash fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd Request headers Referer https://www.bg3.co/ Origin https://www.bg3.co accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:04 GMT content-encoding br last-modified Wed, 24 Aug 2022 02:59:53 GMT server nginx/1.18.0 vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=3600 server-timing cdn-cache; desc=HIT, edge; dur=1 x-cf-geodata AU content-type application/javascript content-length 120977 expires Sun, 28 Aug 2022 19:44:04 GMT
GET H2	200	ucfad-formats.css cdn.aralego.net/css/dev/	975 B 617 B	93ms 92ms	Stylesheet text/css	104.26.5.103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/css/dev/ucfad-formats.css Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:04 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1877 cf-polished origSize=1191 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 16 Mar 2018 07:19:46 GMT server cloudflare etag W/"5aab7012-4a7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQfV1oWbJ6yBXa0QzylLsXNEI38PEtRMSmsk4eqAabgg3omL%2FHlbedv%2Fp3nqBKQDoqHLzhNTwqbQ6WGXjKYVNlaeaHA4SdLcIMZaNCwlTJeyMA3VvCe6uC12ho%2BlQJN64w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 access-control-allow-credentials true cf-ray 741f3236ecdc5ac0-MEL cf-bgj minify
GET H/1.1	200 OK	idRequest Show response sync.aralego.com/	46 B 488 B	806ms 205ms	XHR text/html	64.120.88.131 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif& Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS Software / Resource Hash 8f87f61acb42d66fd796022d01078051089ba84090cdcdef8394099e2749c35f Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:04 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://www.bg3.co Access-Control-Allow-Credentials true Connection close Content-Length 46
GET H/1.1	200 OK	idRequest Show response sync.aralego.com/	46 B 488 B	806ms 201ms	XHR text/html	64.120.88.131 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Full URL https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif& Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS Software / Resource Hash 8f87f61acb42d66fd796022d01078051089ba84090cdcdef8394099e2749c35f Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:04 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://www.bg3.co Access-Control-Allow-Credentials true Connection close Content-Length 46
GET H/1.1	200 OK	ad_request Show response ads.aralego.com/	508 B 1 KB	595ms 255ms	XHR text/html	209.58.171.197 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.40360634374906534&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software / Resource Hash e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:04 GMT X-Width 336 X-Height 280 Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://www.bg3.co Access-Control-Expose-Headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal X-AdSource PSA X-Adtype html Connection close Access-Control-Allow-Credentials true Content-Length 508 X-AdStyle banner
GET H/1.1	200 OK	ad_request Show response ads.aralego.com/	508 B 1 KB	600ms 258ms	XHR text/html	209.58.171.197 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.32218663470602804&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software / Resource Hash e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:04 GMT X-Width 336 X-Height 280 Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://www.bg3.co Access-Control-Expose-Headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal X-AdSource PSA X-Adtype html Connection close Access-Control-Allow-Credentials true Content-Length 508 X-AdStyle banner
GET H2	200	897c59c49e2732d09326da2fbf65e4d8.jpg static.bg3.co/imgs/202109/	7 KB 7 KB	873ms 684ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202109/897c59c49e2732d09326da2fbf65e4d8.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e60963dbfcbd2aab348c6ccd4b494dc1a44ba8459dfd64ed17a75a2f300b9ea Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 02 Sep 2021 11:41:24 GMT server cloudflare etag "897C59C49E2732D09326DA2FBF65E4D8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho0J8%2BfYYEuSWtjwl8Af%2FIB1UOu%2FS3jv8aPydJOX6VEK0dmN66WHG2zRLaf%2BMdn74u2bJNEub7Jp%2BQXSTVcF3Fxd%2BzkcdOFFYT8WC6CwG7MssP4Rgtl2Z2l7PXe93j0%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac38fe91-MEL content-length 6687 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	c15e994f67a33d93688cf23a4b893231.jpg static.bg3.co/imgs/202105/	4 KB 4 KB	872ms 683ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/c15e994f67a33d93688cf23a4b893231.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4806c40950783b960db98c63c11f622807eda491a7fb2eaf8f3fd1f9255341a9 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 26 May 2021 15:45:25 GMT server cloudflare etag "C15E994F67A33D93688CF23A4B893231" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IRMEVJ3ZpEaIbz5AfkDclfyOB6h7K%2B9wQ6EY0N5xn6KzJfq8qxFsp18GPnAkqxfk9Rl%2FMIlb7DCADYrvJ962pg%2BZf7CcVkJq0iqpt1twJNFxIfJU8%2B%2F6SJP%2BFIlkJM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac3bfe91-MEL content-length 3869 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	663536c2ea3692ebd4973ed45dd1f82d.jpg static.bg3.co/imgs/202111/	7 KB 7 KB	765ms 577ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202111/663536c2ea3692ebd4973ed45dd1f82d.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50e6bd7d18383c04f25d1f669859769d823ee2602d9e82eafa3cfe1c6622cd37 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Sat, 06 Nov 2021 16:05:41 GMT server cloudflare etag "663536C2EA3692EBD4973ED45DD1F82D" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olZT3SQoOgn%2BK7CbvIL6iwHrFYw8PNpRZCbBDKuX6Ogos9pbWfi1GcstD6CzeWiKrvbFS9X4DmwXAao4UWu7mDjma49qJanBT9pcg%2FTQx%2B1qT42s8KELJGU2DCcaSms%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac3afe91-MEL content-length 6889 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	8dc042f94fdc8918fa580bb06ef8d5c9.jpg static.bg3.co/imgs/202106/	7 KB 7 KB	789ms 601ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202106/8dc042f94fdc8918fa580bb06ef8d5c9.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8427100ff884da5ed87a2b5155e2729cdbd78f9cb0907d41f997ee6bdd79a86d Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 03 Jun 2021 09:16:48 GMT server cloudflare etag "8DC042F94FDC8918FA580BB06EF8D5C9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9L4Gnvtmnnf9An7hqLPcMsviahO39U18mWTGdld8s%2Bm74NsfRmyLlo6DGgCiGxpH7ZtkLcGKo4TCd%2B5AZZW0oKvjXMRXzevx55CEQK5EA%2BmUbsMyeaYgc%2BKEKRxR4Hw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac32fe91-MEL content-length 7310 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	213a76af75a6dd46c448690c8a7805f2.jpg static.bg3.co/imgs/202106/	6 KB 6 KB	770ms 583ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202106/213a76af75a6dd46c448690c8a7805f2.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c7335cb69354b642cb17883d361cf8fdb1680e4441c191a4261ac29cb77c23c Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 02 Jun 2021 00:59:04 GMT server cloudflare etag "213A76AF75A6DD46C448690C8A7805F2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGNCfrR7kUA%2Bxy6K1hBHStjxPy3wQz8xuJFGEBCFmms0ZYupuzdk4RG%2B6MWYIoKNfKQY0UjDctEKBibfWn8y%2BErtJDjyVAmhIpbtXBWg85xmv2rlX7esSYVSW7y9UKM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac33fe91-MEL content-length 5716 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	4349977e423a9648ad6bbed4263f14bc.jpg static.bg3.co/imgs/202105/	7 KB 7 KB	764ms 576ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/4349977e423a9648ad6bbed4263f14bc.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93c88a5925d3ae00cdae21e8dc0b8bb7db7c4e08ef8965053e96f616feace16b Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 20 May 2021 11:36:39 GMT server cloudflare etag "4349977E423A9648AD6BBED4263F14BC" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZ0iF3x3WiE1HlEEAwQIGUeg1YncfvvjirNGxYeiWcsmET4AgmLQkK%2FtGfUPgk%2FSaWP2WEkLMeFUwMz9UGskNK8erigkb0BOmTdtTo%2FaRxEWshxeGX1jvYOAxEnfPyA%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac34fe91-MEL content-length 7005 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	5d3cae22a90ff96274f8a7e6829079f2.jpg static.bg3.co/imgs/202105/	7 KB 7 KB	858ms 676ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/5d3cae22a90ff96274f8a7e6829079f2.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cc7746513706ae2acc257ecb852e3da95a995b38aedf5eef921b8ba5fe84073 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Fri, 21 May 2021 12:51:08 GMT server cloudflare etag "5D3CAE22A90FF96274F8A7E6829079F2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pP8ZGqJfOKB53popnDBQ7%2Bnfu%2BerCkdHlXCAVLEMtIf32TF13xwSMN4YfXiZzwPtTd0WXhQwyUcCszBOxtTZpzdUlMcJtV1yjmP2xtGfCDK9Wc7QOl3seKV96shMAac%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac35fe91-MEL content-length 6722 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	eefbd6645ea82a2f683950a67809183d.jpg static.bg3.co/imgs/202204/	6 KB 6 KB	825ms 643ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202204/eefbd6645ea82a2f683950a67809183d.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cc12c59ddb8497d822c096fa57ee074dd22a544aaa9b119bdf2cc6f8d4a6987 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Tue, 26 Apr 2022 07:00:39 GMT server cloudflare etag "EEFBD6645EA82A2F683950A67809183D" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnStURQ%2FlZF4d%2BjNSqhE9d8038HrU6eDcYwkP3K%2BjBVIkhnVLJqPQe83Hqt7rro%2BW%2BvQ8smBlTH8bHfK3w%2BzuT1455z4HZFI496A6wq6JqRlfpevI8w1c830DqoqNAE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3238ac36fe91-MEL content-length 6081 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	8d50b75cfa4f9a32a35df3530da76351.jpg static.bg3.co/imgs/202105/	9 KB 9 KB	576ms 572ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/8d50b75cfa4f9a32a35df3530da76351.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1f3a13746399261681f87cde98216a1e9d8c0214dc23c322152506c198ecba8 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 19 May 2021 05:29:43 GMT server cloudflare etag "8D50B75CFA4F9A32A35DF3530DA76351" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqIveUQ3Thdt9eCls6c9ysboyEbWWttE%2FDjz7loCn5g0LKM3T%2BMOrF7mxVYQCmii5xkVfNVMpCe1RPaWr%2B8MEdPTukSFff4XMZEpN%2FXFkIiByoAdeZxl1Up2tEz3Lqg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac83fe91-MEL content-length 9127 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	5bc76cb4be58f0ed416220783c1085f3.jpg static.bg3.co/imgs/202201/	4 KB 5 KB	582ms 579ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202201/5bc76cb4be58f0ed416220783c1085f3.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e17197c356c408d0d3eb56865ccd027369c05e93b2fd420763617324bd1ab9f Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 26 Jan 2022 07:49:04 GMT server cloudflare etag "5BC76CB4BE58F0ED416220783C1085F3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lntaxzQM6%2FyK2GZrwJSE8aaWtjewPxboyxhEe8B7%2F85flFHuQcm9BjJoa6U11S%2B3YHnmux0eYPivZ9OQTVryp9qoz2Zng4OC6wNMgrmpL4gah3eHX%2FnW0XKWy4zYiFA%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac84fe91-MEL content-length 4538 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	8a55073c6dbcef1494b0702d4a1bf3c2.jpg static.bg3.co/imgs/202105/	3 KB 4 KB	685ms 682ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/8a55073c6dbcef1494b0702d4a1bf3c2.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b402fa6aade95f5f20a910f38c92424969142f6d968a669c51d0641523cbd014 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Tue, 25 May 2021 17:28:40 GMT server cloudflare etag "8A55073C6DBCEF1494B0702D4A1BF3C2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx3w4J1%2Bp7jemQnuwP7bKbEXMCs5POfh2%2FE2k7fMeQuMCNBakYe1%2FVfNxky80uICa2173vU8BMg3MAb7bMC09pzHm3XJ52u3naVl9uNoU93k4O1vWUQ0VEaxHoc6GLg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac85fe91-MEL content-length 3399 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	7c15dffd2f03444e34c4a15d387651fe.jpg static.bg3.co/imgs/202204/	4 KB 4 KB	681ms 677ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202204/7c15dffd2f03444e34c4a15d387651fe.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af992369504a6c607ca46172ef74bf54f6b5c4ade1bb12d428ae4a57773fc65d Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Sat, 30 Apr 2022 07:04:32 GMT server cloudflare etag "7C15DFFD2F03444E34C4A15D387651FE" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=We20pzq16hk1zdwzE3sZjF3VTfoCmABaut7LI2Lr0FLZPllBZPBPw30L66Tzfmg%2BZ9q0QSeYWN4cvz2vW6ShGslJx0ptNgt8UqN8uJ5XT7EI5HPoLSYgF4YmWOfVmLU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac86fe91-MEL content-length 3734 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	ea37da8ad1629e37c7cca7760de52d38.jpg static.bg3.co/imgs/202204/	7 KB 7 KB	589ms 586ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202204/ea37da8ad1629e37c7cca7760de52d38.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac4a86369c7287d3fde7ac0cdafaa3a401a121a5cd8d63d3b454f6b29d00e563 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 07 Apr 2022 07:03:48 GMT server cloudflare etag "EA37DA8AD1629E37C7CCA7760DE52D38" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf6n6kNls%2FqHUgr3fpmUwRNnsIVgJLDiIGzZIV%2F2F3211qW4zzJZ%2Fyq7rQzAxm8c2BQNQo%2FSEebOa7qiDT7TwXK9Nb6ofX81%2FfR7qyS8Y6RLa9aTPCbEGKpgp6L%2Bo1I%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac87fe91-MEL content-length 6735 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	c56d4b9bf66352e7a07604f686ba77e6.jpg static.bg3.co/imgs/202206/	7 KB 7 KB	588ms 585ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202206/c56d4b9bf66352e7a07604f686ba77e6.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2ad70c85e503c201a49baaf02e18996e2f76816547478fbd48bd5689ca207c0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 15 Jun 2022 07:09:50 GMT server cloudflare etag "C56D4B9BF66352E7A07604F686BA77E6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2qSXpNpMdYwZVxv8ME8CjAtItl%2BqfvOgg6oo%2BeYrGcUoigoxYS68%2BMsqZfW03EhnRsdKdt%2F5VHZW5NzMU7E1HSnnNogUCIW2btezHbk4%2F%2FDwd51tVZbmpxJJQUVkcE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac88fe91-MEL content-length 7268 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	c88a6c3cd16b905e691ddc1136c18c46.jpg static.bg3.co/imgs/202106/	4 KB 4 KB	582ms 579ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202106/c88a6c3cd16b905e691ddc1136c18c46.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10522823276d21c0defadb1496d68c494447bf93c3f171902a78a0f47cdaf9b0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 10 Jun 2021 01:24:07 GMT server cloudflare etag "C88A6C3CD16B905E691DDC1136C18C46" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kzu8gGUl7AX0SS3YpovOAT4B3gdgtjFbB1K%2FQXkAAqbqqd%2BBIVcf2DGgFWXGYwpDKwJeUg%2BWHlvYBNc%2FjHvw%2BXQxMyd2oO%2BealYV0BDjURCudiKAaU%2F3sPaPGdITQqg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac89fe91-MEL content-length 4168 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	e69c1e6c7e345e2fbe412defd2fa7dc2.jpg static.bg3.co/imgs/202105/	6 KB 6 KB	613ms 610ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/e69c1e6c7e345e2fbe412defd2fa7dc2.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1c827a6fd9a694d20baf657ffebec650b41a952a143ffe418eefe0c5b290fc5 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 19 May 2021 05:39:46 GMT server cloudflare etag "E69C1E6C7E345E2FBE412DEFD2FA7DC2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF%2FaxiM3SdCrbGWiPOh0g0DcAX3T%2FK4J5PkiO24HoArbwgm%2BDpGDLF6X8gyJCBFiEUR1%2BvWBlkkKPYvPUzy7z7%2B%2FgMwzeHf35ZmVq4J1DIpscQMK4TQyQBg8r235CGc%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac8bfe91-MEL content-length 6269 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	b45119668c354496daafc7a2f9c3763d.jpg static.bg3.co/imgs/202105/	7 KB 7 KB	590ms 586ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/b45119668c354496daafc7a2f9c3763d.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3cca1503e9840158ec0adf1c93019c7d97a0d0047215abc1852187671f6bb50 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Sat, 29 May 2021 06:51:26 GMT server cloudflare etag "B45119668C354496DAAFC7A2F9C3763D" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bja7NuDi54UWdUnBHIqQcqKlZCPVWPrEmUYwtK3BQ8gNG89RWhArwlyKI8IXeI219Xm0LyQU6RatABbEhOtpKTDUeK8q2u0jTMED%2Bm3g%2FkipGtxTItSISHdlSJskGv4%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac8cfe91-MEL content-length 7239 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	b2af5156f32c55bb727b8002ff9881c2.jpg static.bg3.co/imgs/202106/	5 KB 5 KB	679ms 676ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202106/b2af5156f32c55bb727b8002ff9881c2.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6755174b3f4982a7d60fea3bf27092795cf4caff01e4acff22c7bac478ddee10 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 09 Jun 2021 01:03:34 GMT server cloudflare etag "B2AF5156F32C55BB727B8002FF9881C2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4t1OhxaiZG9kGp8lIniCOAHigTQ91%2F2%2FZl4Is46Ec9Hxej%2FZZAvLnu%2FAU1wDFxyIHLJUMfCqjEyPWG1%2FvKPa76P9Bxer6asBBZJnm97%2BJLXchUtxn4XAjWlt%2B4aHt5U%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac8dfe91-MEL content-length 4741 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	89ce1eda86a62e673f3d3a1bd483ab09.jpg static.bg3.co/imgs/202105/	5 KB 5 KB	661ms 658ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/89ce1eda86a62e673f3d3a1bd483ab09.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a23cf89dbe31faa5a90d2f343f1a6dac3d742cbf946f1a70473de03a3545c068 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Wed, 19 May 2021 02:43:05 GMT server cloudflare etag "89CE1EDA86A62E673F3D3A1BD483AB09" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EesUgoyQlPROvLSgGZsPk2LIPbc1pb0dlXXG0NzMwJdIec4Qp4ilRgCp%2BdvHHgTUKyGutrHKN1Ai%2FAIaz%2FGvrW4vlF63vW3ze7ZcQXN4pTdwoboC9QrIvT1OHf5gz2s%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac8efe91-MEL content-length 5257 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	3eca51a05fbc1bcac901814522158d32.jpg static.bg3.co/imgs/202105/	8 KB 8 KB	614ms 611ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/3eca51a05fbc1bcac901814522158d32.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7983f9eba2bb9d0a2003b50275509dfd97c3c41a1d8b2feeeaa56a0c67a451a Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Sun, 23 May 2021 20:15:39 GMT server cloudflare etag "3ECA51A05FBC1BCAC901814522158D32" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpURC6Qc%2FLh7vo4p%2BAnukBcYn%2FJMVinGjGCbk1M1n5JYowX3f51%2BbrDeZgGx8ZUWhzC14K3hoaMtFoX5B9jkQmb1nnn5Phqogrf8barf9qKyWO8pj3JKBobOWK7NO8A%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac8ffe91-MEL content-length 7688 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	2f7fcf2283cbed2b9a812857f695e5ff.jpg static.bg3.co/imgs/202105/	8 KB 8 KB	667ms 664ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202105/2f7fcf2283cbed2b9a812857f695e5ff.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6ad61c17cb8fdbd21016a861d47969317622d41b479108f8a0128a8acdf4be0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 20 May 2021 00:16:53 GMT server cloudflare etag "2F7FCF2283CBED2B9A812857F695E5FF" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRDTeoQ0SBRHFN6de3Djrg3ZNfHI0IcUlK1MBgTBSeHvmX2IoBkLANEa8oDjT%2BZbtpx1QlpZmQ38%2FqCWpjV%2FGoIDu2vQxqe3ybXifE6RvmW0q4WoP8b59cqcj2zgusE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac90fe91-MEL content-length 7995 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H2	200	f939f548448b4942ec42869b2866bf44.jpg static.bg3.co/imgs/202109/	6 KB 6 KB	606ms 603ms	Image image/jpeg	104.26.2.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bg3.co/imgs/202109/f939f548448b4942ec42869b2866bf44.jpg?w=150&h=100&q=100 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35539e3ebbd61cc1392d103b91fbd2cb322591c142cf971efa37eb88259ebab2 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT cf-cache-status MISS last-modified Thu, 02 Sep 2021 11:32:57 GMT server cloudflare etag "F939F548448B4942EC42869B2866BF44" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpbasTziiw3RcsTt%2FCwQA%2F%2BTIS4pnVMC2MO4U3kCtzfWZtgnMeLj%2BMkLYeWW5EzMKIApTf13DH1x86lEiBJDVaWuut2XWFM2k%2BrfgEsxVNDALS7KJTLc41tmaLbFuKE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 741f3239ac91fe91-MEL content-length 6012 expires Sun, 04 Sep 2022 18:44:05 GMT
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012208121708000/v0/	8 KB 3 KB	528ms 182ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208121708000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 740ffa5ffc4ed6a504bcc5f6f9fe5bcd3af393bf1a3d621944bac18722075553 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Origin https://www.bg3.co accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 16254 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2995 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 14:13:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "2d2f0c9c768f6ba9" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 28 Aug 2023 14:13:10 GMT
GET H3	200	amp-ad-0.1.js Show response cdn.ampproject.org/rtv/012208121708000/v0/	81 KB 23 KB	535ms 192ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 6dd09c80d743e5c5e9bd8ab6ceed8f1a48d40e914681043e0cacd30f584ec1df Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Origin https://www.bg3.co accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 99863 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23065 x-xss-protection 0 server sffe date Sat, 27 Aug 2022 14:59:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "069ae92740d24a46" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 27 Aug 2023 14:59:41 GMT
GET H2	200	ama Show response pagead2.googlesyndication.com/getconfig/	5 KB 1 KB	526ms 176ms	Fetch application/json	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 4dc189b45c6485c80edecc3b8b60fdd033b1408ec6e11fa940f4ac977a8d8904 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 589 x-xss-protection 0
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012208121708000/v0/	12 KB 4 KB	512ms 172ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208121708000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash a0959a3ef0c2403f6026292415a5ecd2f9eabf8d11ff040609eb8c5d88734810 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Origin https://www.bg3.co accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 61105 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3841 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 01:45:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a89096bd4dac0edc" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 28 Aug 2023 01:45:39 GMT
GET H2	200	jquery-2.2.2.min.js Show response code.jquery.com/	84 KB 29 KB	720ms 238ms	Script application/javascript	69.16.175.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.2.min.js Requested by Host: delivery.adrecover.com URL: https://delivery.adrecover.com/43519/adRecover.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS hwcdn.net Software nginx / Resource Hash dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-14e98" vary Accept-Encoding x-hw 1661712245.dop033.la3.t,1661712245.cds233.la3.hn,1661712245.cds210.la3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29880
GET H3	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 6D75	118 KB 39 KB	602ms 259ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 4dee5343baa98ca076818c3845eead4a0b5d6047d07420c1fc3bd29cd9a66af0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40290 x-xss-protection 0 server cafe etag 17332340379629706619 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:05 GMT
GET H3	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 31C6	118 KB 39 KB	524ms 187ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash e38b6744772fb183d4687635ea6fdf0d3e21d73dadb69e945a2e2122422ab31b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40295 x-xss-protection 0 server cafe etag 1777625451226942630 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:05 GMT
GET H3	200	amp-sticky-ad-1.0.js Show response cdn.ampproject.org/rtv/012208121708000/v0/	39 KB 10 KB	172ms 172ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208121708000/v0/amp-sticky-ad-1.0.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 73cebcd1f01c0af24cf0b3dfdc4989de4feed5f04fc5d399f6096d5194201400 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Origin https://www.bg3.co accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 24268 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10236 x-xss-protection 0 server sffe date Sun, 28 Aug 2022 11:59:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "3e723257ea406594" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 28 Aug 2023 11:59:36 GMT
GET H3	200	amp-ad-network-adsense-impl-0.1.js Show response cdn.ampproject.org/rtv/012208121708000/v0/	214 KB 57 KB	172ms 172ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-network-adsense-impl-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 0962992388017b566b3a129965a7dcd3da217015293874236154b9d4613f176e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Origin https://www.bg3.co accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 226474 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57837 x-xss-protection 0 server sffe date Fri, 26 Aug 2022 03:49:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d9de18c3b0ae27e6" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 26 Aug 2023 03:49:31 GMT
GET H3	200	cookieSyncIframe.html Show response cdn.aralego.net/ucfad/cookie/ Frame 0F07	714 B 865 B	96ms 96ms	Document text/html	104.26.5.103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6 Request headers Referer https://www.bg3.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers access-control-allow-credentials true age 6300 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400 cf-cache-status HIT cf-ray 741f323c09ac5a61-MEL content-encoding br content-type text/html date Sun, 28 Aug 2022 18:44:05 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 09 Feb 2022 05:59:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtqtXVReviSdcG%2FSAUl9djgYD4dqU9W96LUkzQ3xzMG9eyz7Zb3Biq4iY%2FuPC2Giwb92tO3Mg4QdYbEl%2F%2BudlzAPtRbo2OItQkzhP0zKkL1pG%2FQQ2MuNqy2maEEherg%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	idsync sync.aralego.com/	35 B 384 B	604ms 203ms	Image image/gif	64.120.88.131 LEASEWEB-APAC-HKG...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}& Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:05 GMT Connection close Content-Length 35 Content-Type image/gif
GET H3	200	cookieSyncIframe.html Show response cdn.aralego.net/ucfad/cookie/ Frame 9C78	714 B 832 B	92ms 92ms	Document text/html	104.26.5.103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6 Request headers Referer https://www.bg3.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers access-control-allow-credentials true age 6300 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400 cf-cache-status HIT cf-ray 741f323c19b95a61-MEL content-encoding br content-type text/html date Sun, 28 Aug 2022 18:44:05 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 09 Feb 2022 05:59:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR0Ndycql5LFjX%2BzJuTV353YOMJA0kqxwVI4QPSifD%2B%2BGRVVeiC6NvoElhC23eox3Hg9F0k%2Bmlkr3JNZNSkRfVxQYiJCvcdq%2BzzXuDrY88MmjJ2FWMFv21iyzeHBLTBm%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 0F07	83 KB 28 KB	524ms 174ms	Script text/javascript	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.aralego.net URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software sffe / Resource Hash af9fa4d754102f1a82d4a88e96b9e0d200d07b5c27ac2f6aa04fc48536a880da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28571 x-xss-protection 0 server sffe etag "1317 / 802 of 1000 / last-modified: 1661552013" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 28 Aug 2022 18:44:05 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 9C78	83 KB 28 KB	705ms 364ms	Script text/javascript	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.aralego.net URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software sffe / Resource Hash 7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28647 x-xss-protection 0 server sffe etag "1317 / 979 of 1000 / last-modified: 1661551853" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 28 Aug 2022 18:44:05 GMT
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	367ms 366ms	Script application/javascript	69.16.175.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/adpushup.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS hwcdn.net Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15d9d" vary Accept-Encoding x-hw 1661712245.dop033.la3.t,1661712245.cds233.la3.hn,1661712245.cds267.la3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	integrator.json Show response adservice.google.com/adsid/	86 B 572 B	514ms 170ms	Fetch application/json	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash 14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." access-control-allow-origin https://www.bg3.co cache-control private, no-cache, no-store access-control-allow-credentials true cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 83 x-xss-protection 0
GET H2	200	nameframe.html d-28590489582262331284.ampproject.net/2208121708000/	0 0	521ms 172ms	Other text/html	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://d-28590489582262331284.ampproject.net/2208121708000/nameframe.html Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	gtag.json Show response cdn.ampproject.org/rtv/012208121708000/v0/analytics-vendors/	2 KB 931 B	173ms 173ms	Fetch application/json	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208121708000/v0/analytics-vendors/gtag.json Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 125099 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 901 x-xss-protection 0 server sffe date Sat, 27 Aug 2022 07:59:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type application/json access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f8ad7a45fe031326" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 27 Aug 2023 07:59:06 GMT
POST H2	200	amp Show response www.googletagmanager.com/gtag/	610 B 808 B	514ms 173ms	Fetch application/json	142.251.12.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f97.1e100.net Software Google Tag Manager / Resource Hash 8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept application/json Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=utf-8 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding br vary * cross-origin-resource-policy cross-origin content-disposition attachment; filename="amp.json" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 258 x-xss-protection 0 pragma no-cache amp-access-control-allow-source-origin https://www.bg3.co server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/json; charset=UTF-8 access-control-allow-origin https://www.bg3.co access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	block.jpg delivery.adrecover.com/	631 B 915 B	297ms 296ms	Image image/jpeg	42.99.140.201 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.adrecover.com/block.jpg?ts=1661712245658 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-201.pacnet.net Software nginx/1.18.0 / Resource Hash 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:06 GMT last-modified Wed, 23 Jun 2021 06:37:54 GMT server nginx/1.18.0 etag "60d2d6c2-277" vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=3600 server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-type image/jpeg content-length 631 expires Sun, 28 Aug 2022 19:44:06 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ Frame 31C6	343 KB 120 KB	192ms 192ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash a10fdc21836ebd307ba5634f3b92cf257ac07f8a49b9a299e0e1365a42bac355 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 123233 x-xss-protection 0 server cafe etag 10992865580420844201 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:05 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ Frame 6D75	342 KB 120 KB	217ms 217ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 7d676ba25f25bf00b2c640eb8db188103719675eaf32ec37a36931762a39ac00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122960 x-xss-protection 0 server cafe etag 7318862798100865146 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:05 GMT
GET H2	200	pb.42753.1661278076254.v6.js Show response cdn.adpushup.com/prebid/	342 KB 92 KB	1225ms 340ms	Script application/javascript	42.99.140.161 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/adpushup.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-161.pacnet.net Software nginx/1.18.0 / Resource Hash e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:06 GMT content-encoding br last-modified Tue, 23 Aug 2022 18:08:10 GMT server nginx/1.18.0 etag W/"6305178a-557f3" vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=6 content-type application/javascript content-length 93716 expires Mon, 28 Aug 2023 18:44:06 GMT
GET BLOB	200 OK	08128654-13aa-4329-9645-0d0b64aefc1d https://www.bg3.co/	4 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.bg3.co/08128654-13aa-4329-9645-0d0b64aefc1d Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 3743
GET H2	200	pubads_impl_2022082302.js Show response securepubads.g.doubleclick.net/gpt/ Frame 0F07	379 KB 129 KB	475ms 174ms	Script text/javascript	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software sffe / Resource Hash 257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 18:02:57 GMT content-encoding gzip x-content-type-options nosniff age 88869 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132097 x-xss-protection 0 last-modified Tue, 23 Aug 2022 21:23:25 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 27 Aug 2023 18:02:57 GMT
GET H3	200	pubads_impl_2022082202.js Show response securepubads.g.doubleclick.net/gpt/ Frame 9C78	384 KB 131 KB	411ms 171ms	Script text/javascript	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software sffe / Resource Hash 07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Aug 2022 17:43:39 GMT content-encoding gzip x-content-type-options nosniff age 262827 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133587 x-xss-protection 0 last-modified Tue, 23 Aug 2022 21:21:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 25 Aug 2023 17:43:39 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 396 B	519ms 174ms	Image image/gif	142.251.12.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%AD%A3%E5%A6%B9%E5%8F%83%E9%81%B8%E4%BA%BA%E3%80%8C%E6%93%BA%E6%8B%8D%E6%95%99%E5%AD%B8%E3%80%8D%E9%81%AD%E6%89%B9%E8%B3%A3%E8%82%89%EF%BC%81%E9%A9%9A%E4%BA%BA%E5%AD%B8%E6%AD%B7%E6%9B%9D%E5%85%89%EF%BC%9A%E8%AA%B0%E7%89%A9%E5%8C%96%E5%A5%B3%E6%80%A7%EF%BC%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-JiCQ5zinqqxk-NJ_PmvHyQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6384480239743557&gjid=0.7959174569725105&_r=1&a=873&z=0.35145368486793016&gtm=2pu000 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f113.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:06 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DEF9	603 B 627 B	656ms 316ms	Document text/html	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-424611399810825733&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3246&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=5000873&ga_cid=amp-JiCQ5zinqqxk-NJ_PmvHyQ&ga_hid=873&dt=1661712245480&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&bdt=2041&dtd=398&__amp_source_origin=https%3A%2F%2Fwww.bg3.co Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:06 GMT expires Sun, 28 Aug 2022 18:44:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 31C6	379 B 692 B	524ms 173ms	Script text/javascript	142.251.10.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f156.1e100.net Software cafe / Resource Hash e3aeb4f88e248cced68ad051a2207247cc53e89efb22b9e5e59f1c2f8315ec09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 247 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/ Frame 31C6	107 B 165 B	530ms 176ms	Script application/javascript	142.251.12.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 31C6	107 B 196 B	474ms 173ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html Show response adx.holmesmind.com/adx-file/20220802/ Frame 12B5 Redirect Chain https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw... https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html	673 B 1 KB	529ms 172ms	Document text/html	52.84.251.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.251.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-251-100.sin5.r.cloudfront.net Software AmazonS3 / Resource Hash 21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711 Request headers Referer https://www.bg3.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 399 content-length 673 content-type text/html date Sun, 28 Aug 2022 18:37:30 GMT etag "48eae0cda160246f65db69ea3a0e8b6a" last-modified Tue, 02 Aug 2022 04:45:52 GMT server AmazonS3 vary Accept-Encoding via 1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront) x-amz-cf-id ZQLpaRyhpZggR2WGFmwEdjbpYsxhNvzOgbYUC6IJaf6pLrdrcI4YtA== x-amz-cf-pop SIN5-C1 x-amz-version-id AXCXhborHznj.8nLhhiA1470QYBmIoZE x-cache Hit from cloudfront Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:06 GMT location https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 6D75	379 B 317 B	475ms 173ms	Script text/javascript	142.251.10.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f156.1e100.net Software cafe / Resource Hash 17a17443aaaa4206bd24aa4ee122b41647cc1ef57a6e1e1b85ad782daccfed74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 248 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/ Frame 6D75	107 B 165 B	490ms 174ms	Script application/javascript	142.251.12.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 6D75	107 B 122 B	481ms 172ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html Show response adx.holmesmind.com/adx-file/20220802/ Frame C99D Redirect Chain https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw... https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html	673 B 1 KB	502ms 173ms	Document text/html	52.84.251.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.251.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-251-100.sin5.r.cloudfront.net Software AmazonS3 / Resource Hash 21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711 Request headers Referer https://www.bg3.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 399 content-length 673 content-type text/html date Sun, 28 Aug 2022 18:37:30 GMT etag "48eae0cda160246f65db69ea3a0e8b6a" last-modified Tue, 02 Aug 2022 04:45:52 GMT server AmazonS3 vary Accept-Encoding via 1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront) x-amz-cf-id 1XTL2HI9tE_xKiKsAa95r6Sla8zOcSyKqByoCdoEYmKV430ROzsaAQ== x-amz-cf-pop SIN5-C1 x-amz-version-id AXCXhborHznj.8nLhhiA1470QYBmIoZE x-cache Hit from cloudfront Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:06 GMT location https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/ Frame 0F07	107 B 792 B	300ms 173ms	Script application/javascript	142.251.12.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 0F07	107 B 122 B	294ms 175ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 0F07	492 B 265 B	194ms 194ms	XHR text/plain	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=816637484102105&correlator=1678580987659781&eid=31069153%2C31069184%2C44770638&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661712246680&lmt=1644386353&dlt=1661712245177&idt=1481&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=wmtuhqbeeatz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=444577822.1661712247&ga_sid=1661712247&ga_hid=545074447&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software cafe / Resource Hash c8caa836b07c11fc4bc4f7d11ea2d7595dea1c99db0727d10a8e7ca9fbf96693 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:06 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 235 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cdn.aralego.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 417c82c1395ab5ed45cb3e68c106cf7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD40	6 KB 4 KB	522ms 172ms	Document text/html	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://417c82c1395ab5ed45cb3e68c106cf7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:07 GMT expires Mon, 28 Aug 2023 18:44:07 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/ Frame 9C78	107 B 165 B	174ms 174ms	Script application/javascript	142.251.12.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 9C78	107 B 122 B	172ms 172ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 9C78	492 B 265 B	205ms 205ms	XHR text/plain	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1861024363498360&correlator=3299813748640569&eid=31068928%2C31069183%2C44761477%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661712246829&lmt=1644386353&dlt=1661712245189&idt=1618&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=q6i49i4x04ep&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2040076286.1661712247&ga_sid=1661712247&ga_hid=515195076&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software cafe / Resource Hash 470962b652a79f2ac356c02fd756e42bf8b1a1a16cf34a4ea9fba8bacb9f0233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:06 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 234 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cdn.aralego.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 3a747ac0fce3399870844e3489389e3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CB4	6 KB 4 KB	524ms 173ms	Document text/html	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3a747ac0fce3399870844e3489389e3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:07 GMT expires Mon, 28 Aug 2023 18:44:07 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	quantcast.js Show response cdn.adpushup.com/pbuseridscripts/	450 B 618 B	311ms 311ms	Script application/javascript	42.99.140.161 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/pbuseridscripts/quantcast.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/adpushup.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-161.pacnet.net Software nginx/1.18.0 / Resource Hash 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip last-modified Mon, 28 Jun 2021 04:15:23 GMT server nginx/1.18.0 etag "60d94cdb-1c2" vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=10 accept-ranges bytes content-type application/javascript content-length 317 expires Mon, 28 Aug 2023 18:44:07 GMT
GET H2	200	linkPreview.js Show response cdn.adpushup.com/42753/	72 KB 17 KB	512ms 512ms	Script application/javascript	42.99.140.161 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/42753/linkPreview.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-161.pacnet.net Software nginx/1.18.0 / Resource Hash 968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:07 GMT content-encoding br last-modified Thu, 14 Jul 2022 19:44:27 GMT server nginx/1.18.0 etag W/"62d0721b-11ed1" vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=3600 server-timing cdn-cache; desc=HIT, edge; dur=16 content-type application/javascript content-length 17440 expires Sun, 28 Aug 2022 19:44:07 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	83 KB 28 KB	172ms 172ms	Script text/javascript	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/adpushup.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software sffe / Resource Hash 7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28647 x-xss-protection 0 server sffe etag "1317 / 349 of 1000 / last-modified: 1661551853" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 28 Aug 2022 18:44:07 GMT
GET H2	200	sync e3.adpushup.com/AdPushupFeedbackWebService/user/	70 B 476 B	523ms 170ms	Image image/png	13.76.45.37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT ap-cookie-status cookies ap_uid and ap_usid are set access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	testmode e3.adpushup.com/AdPushupFeedbackWebService/feedback/	70 B 131 B	629ms 340ms	Image image/png	13.76.45.37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjE3MTIyNDcxOTgsInBhY2tldElkIjoiMDAwMEE3MDEtYjA4OTJlYTEtZWQwMC00Y2JkLTg4ODEtZjliMTAyNjc5OWUyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW5nLW1laS1jYW4teHVhbi1yZW4tYmFpLXBhaS1qaWFvLXh1ZS16YW8tcGktbWFpLXJvdS1saWFuZy1yZW4teHVlLWxpLXB1LWd1YW5nLXNodWktd3UtaHVhLW51LXhpbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	testmode e3.adpushup.com/AdPushupFeedbackWebService/feedback/	70 B 131 B	630ms 341ms	Image image/png	13.76.45.37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjE3MTIyNDcxOTksInBhY2tldElkIjoiMDAwMEE3MDEtYjA4OTJlYTEtZWQwMC00Y2JkLTg4ODEtZjliMTAyNjc5OWUyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW5nLW1laS1jYW4teHVhbi1yZW4tYmFpLXBhaS1qaWFvLXh1ZS16YW8tcGktbWFpLXJvdS1saWFuZy1yZW4teHVlLWxpLXB1LWd1YW5nLXNodWktd3UtaHVhLW51LXhpbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	feedback e3.adpushup.com/AdPushupFeedbackWebService/	70 B 131 B	462ms 174ms	Image image/png	13.76.45.37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE3MTIyNDcxOTksInBhY2tldElkIjoiMDAwMEE3MDEtYjA4OTJlYTEtZWQwMC00Y2JkLTg4ODEtZjliMTAyNjc5OWUyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW5nLW1laS1jYW4teHVhbi1yZW4tYmFpLXBhaS1qaWFvLXh1ZS16YW8tcGktbWFpLXJvdS1saWFuZy1yZW4teHVlLWxpLXB1LWd1YW5nLXNodWktd3UtaHVhLW51LXhpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	feedback e3.adpushup.com/AdPushupFeedbackWebService/	70 B 131 B	626ms 341ms	Image image/png	13.76.45.37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE3MTIyNDcyMDMsInBhY2tldElkIjoiMDAwMEE3MDEtYjA4OTJlYTEtZWQwMC00Y2JkLTg4ODEtZjliMTAyNjc5OWUyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW5nLW1laS1jYW4teHVhbi1yZW4tYmFpLXBhaS1qaWFvLXh1ZS16YW8tcGktbWFpLXJvdS1saWFuZy1yZW4teHVlLWxpLXB1LWd1YW5nLXNodWktd3UtaHVhLW51LXhpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	feedback e3.adpushup.com/AdPushupFeedbackWebService/	70 B 131 B	622ms 339ms	Image image/png	13.76.45.37 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE3MTIyNDcyMDYsInBhY2tldElkIjoiMDAwMEE3MDEtYjA4OTJlYTEtZWQwMC00Y2JkLTg4ODEtZjliMTAyNjc5OWUyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW5nLW1laS1jYW4teHVhbi1yZW4tYmFpLXBhaS1qaWFvLXh1ZS16YW8tcGktbWFpLXJvdS1saWFuZy1yZW4teHVlLWxpLXB1LWd1YW5nLXNodWktd3UtaHVhLW51LXhpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 0F07	14 KB 11 KB	497ms 196ms	XHR application/json	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082302&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 55c893777c8982880480b614b65f5ec9dda1f60acfa79dccc8b231b167118b38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11110 x-xss-protection 0
GET H3	200	pubads_impl_2022082202.js Show response securepubads.g.doubleclick.net/gpt/	384 KB 131 KB	172ms 171ms	Script text/javascript	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software sffe / Resource Hash 07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Aug 2022 17:43:39 GMT content-encoding gzip x-content-type-options nosniff age 262828 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133587 x-xss-protection 0 last-modified Tue, 23 Aug 2022 21:21:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 25 Aug 2023 17:43:39 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	109 B 118 B	521ms 175ms	XHR application/json	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software cafe / Resource Hash 57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93 x-xss-protection 0 expires Sun, 28 Aug 2022 18:44:07 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 9C78	14 KB 11 KB	375ms 179ms	XHR application/json	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 886ab13dee90730999468ead9605964f170bac0d9de1cee342b21fe11d457fe4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11059 x-xss-protection 0
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	285ms 94ms	XHR application/json	104.16.88.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220828 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 420aa7c1d96c4bec5287b97f5de519aed454b232b4fa2253cdab4eb5d081dc27 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 13371 x-jsd-version 1.0.1446 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19167-FRA, cache-iad-kiad7000067-IAD timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"665-3usGrpCWLpQRkfFNGUltCtZyNm8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyKa3nvTcejVRYpFAbPHeatvcj7fdQxvSa37cgdjWGDguHHy7nDSN%2BTzZdjyeq9S%2B8nHix7GhlnqubWvKV2XnaJAhTyr6UqmJUqh3qMshsA%2BuK17yFyrMz2CA9jqzZoDeUc%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=604800, s-maxage=43200 cf-ray 741f324c1c5b5ab8-MEL access-control-expose-headers *
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 361 B	819ms 273ms	XHR application/json	23.213.141.184 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.141.184 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-141-184.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://www.bg3.co cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Sun, 28 Aug 2022 18:44:08 GMT
POST H2	204	c Show response prebid.a-mo.net/a/	0 518 B	884ms 294ms	XHR text/plain	145.40.89.200 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.bg3.co date Sun, 28 Aug 2022 18:44:07 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server envoy x-envoy-upstream-service-time 2 vary origin, Accept-Encoding
GET H2	200	arj Show response adpushup-d.openx.net/w/1.0/	174 B 384 B	556ms 378ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36af36c4-adc7-435d-9f7a-90afebc223cd%2Cfe80bd75-dcc7-43e2-91a3-19c08414d4bf%2Cce3825a0-16dd-4fae-a45f-733149d6caab&nocache=1661712247482&pubcid=1a0cb664-01ab-4fd5-b5b3-be9f956fe130&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash b031fcd1b209b4887757715a66ce2064a4e27edb400eafb9d3891dcf829714b7 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip server OXGW/0.0.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.bg3.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	avjp Show response adpushup-d.openx.net/v/1.0/	106 B 296 B	360ms 182ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=974b0f16-6835-41dd-8980-cd0598314afd&nocache=1661712247483&pubcid=1a0cb664-01ab-4fd5-b5b3-be9f956fe130&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT via 1.1 google server OXGW/0.0.0 p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.bg3.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	avjp Show response adpushup-d.openx.net/v/1.0/	106 B 296 B	357ms 179ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6c7d2c78-bc66-4681-b811-e066dc3c1f86&nocache=1661712247483&pubcid=1a0cb664-01ab-4fd5-b5b3-be9f956fe130&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT via 1.1 google server OXGW/0.0.0 p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.bg3.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	avjp Show response adpushup-d.openx.net/v/1.0/	106 B 504 B	351ms 174ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=44375404-32f8-4241-bb39-34bb82035204&nocache=1661712247483&pubcid=1a0cb664-01ab-4fd5-b5b3-be9f956fe130&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT via 1.1 google server OXGW/0.0.0 p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.bg3.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106 expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 918 B	479ms 300ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash 581fb5bc88ea1994800e32526b7f99086bb0923f29c47136bbe1237c6442c7d0 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 123 alt-svc clear via 1.1 google
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 407 B	674ms 328ms	XHR application/json	51.79.234.100 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ip100.ip-51-79-234.net Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip access-control-allow-headers content-type, origin, referer, user-agent p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://www.bg3.co cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 41
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	185 B 405 B	945ms 289ms	XHR application/json	35.72.150.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com Software / Resource Hash a83ea97ab67762cf39b837d4e20827dee318922382ab8872e4121864c386c410 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-prebid pbs-java/1.96.0 content-type application/json access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 173 expires 0
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	185 B 405 B	946ms 291ms	XHR application/json	35.72.150.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com Software / Resource Hash e7fffb0334b43748d8c2436d167a5242f63eb1842e8f5b1af95bb1bdc54a7218 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-prebid pbs-java/1.96.0 content-type application/json access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 174 expires 0
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	185 B 405 B	1160ms 505ms	XHR application/json	35.72.150.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com Software / Resource Hash a8b18c50256bb385356e7c4e426d9b4ee3014f0f85416fe7de9df898d99ff481 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-prebid pbs-java/1.96.0 content-type application/json access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 174 expires 0
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	472 B 2 KB	881ms 266ms	XHR application/json	69.173.158.65 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=1a0cb664-01ab-4fd5-b5b3-be9f956fe130%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=a3d0eeb7-c861-416b-96b9-1b9bf39e5ee1%3Bd496491a-ae1f-4c49-ac93-8310190fa3a6%3B624486d7-b9e6-4710-a536-8dca9e8341ae&l_pb_bid_id=25a4801cfb9b70a%3B2621f18d4d358ba%3B27d6b01ea7839b4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.32622679783098496 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 68e3c3a84c61559fa475f86f176809f43a96a2b9dd12b76b311b99594ca7b87e Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 28 Aug 2022 18:44:08 GMT Server nginx/1.21.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.bg3.co Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 472 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H/1.1	400 Bad Request	auction Show response rtb.adxpremium.services/openrtb2/	59 B 396 B	2871ms 1498ms	XHR text/plain	135.125.163.79
General Check archive.org Show headers Download Go to Full URL https://rtb.adxpremium.services/openrtb2/auction Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 135.125.163.79 -, , ASN (), Reverse DNS Software / Resource Hash 1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT x-prebid pbs-go/unknown vary Origin content-type text/plain; charset=utf-8 access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 59 expires 0
POST H2	204	cdb Show response bidder.criteo.com/	0 212 B	521ms 173ms	XHR text/plain	182.161.73.145 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=96858292892 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 28 Aug 2022 18:44:07 GMT server Finatra vary Origin access-control-allow-origin https://www.bg3.co access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	200	adreq Show response ads.servenobid.com/	405 B 552 B	1034ms 343ms	XHR application/json	52.31.51.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=4479 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.51.240 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-51-240.eu-west-1.compute.amazonaws.com Software / Resource Hash 91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip amp-access-control-allow-source-origin * vary accept-encoding content-type application/json access-control-allow-origin https://www.bg3.co access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 504 B	765ms 419ms	XHR application/json	54.169.199.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&tmax=3000 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.169.199.37 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-169-199-37.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT accept-ch sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua content-type application/json; charset=utf-8 access-control-allow-origin https://www.bg3.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST		v1 hb-api.omnitagjs.com/hb-api/prebid/	0 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	50 KB 13 KB	918ms 456ms	XHR application/json	104.254.151.60 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net Software nginx/1.21.3 / Resource Hash 7c17795a9cc86330c011f6f3aa2f930c77117b75f21564f497a77b8371273b88 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 28 Aug 2022 18:44:08 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 103.209.254.23; 103.209.254.23; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 4628ead3-e2b6-4f32-832b-e3107231434f Server nginx/1.21.3 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.bg3.co Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 315 B	504ms 323ms	XHR application/json	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227089eda86855e2d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2277edd8fdc4b077e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2280cf89d2cce3bc6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228125eb98b403366%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221a0cb664-01ab-4fd5-b5b3-be9f956fe130%22%7D%5D%7D%5D%7D%7D Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2d876f9a0932d68c6e2cf0cd0cbdef384646d284a5c2141a7cedc4e972eafca Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 28 Aug 2022 18:44:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVjSRmfoME3Rmh5%2Fs57Ic%2Bdrf7KZdjEikSoqJT2KhzXk%2Bi%2FJwxE7wDg4O14ZOHa%2F80tUGlt9uhfiZTbmJiUcCG3Di8a%2F4AVgAscuqXGwq3CoPspCWswJWyT%2B67OarU9Wne2e%2Bq16"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://www.bg3.co cache-control no-cache access-control-allow-credentials true cf-ray 741f324c5cff5a7f-MEL expires 0
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 641 B	475ms 295ms	XHR application/json	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227089eda86855e2d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2280cf89d2cce3bc6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%228125eb98b403366%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221a0cb664-01ab-4fd5-b5b3-be9f956fe130%22%7D%5D%7D%5D%7D%7D Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2d876f9a0932d68c6e2cf0cd0cbdef384646d284a5c2141a7cedc4e972eafca Request headers Referer https://www.bg3.co/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 28 Aug 2022 18:44:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3nnCDRnMAwYJHv6%2FCU%2F%2Bf0cwG0WqIpm8%2F2cPUZxgQW6UpXKwwqHsbTGcgzL%2BU7ph7PGGOOoqMstLas3DVkzOTgjGQL292urLCTkLZIKTHHSViVdIkHnEQCD8JmoleVa35wF2q%2FT"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://www.bg3.co cache-control no-cache access-control-allow-credentials true cf-ray 741f324c5d005a7f-MEL expires 0
GET H2	200	quant.js Show response secure.quantserve.com/	26 KB 10 KB	539ms 171ms	Script application/javascript	103.229.10.171 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip etag "TFjIU174W8I7nbu1DVEZpA==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Sun, 04 Sep 2022 18:44:07 GMT
GET H3	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 12B5	118 KB 39 KB	207ms 207ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: adx.holmesmind.com URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 53523756e54b3d0c8cd78936865aeab1e66b7f355ff1875661d5fe240fc9f72a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40294 x-xss-protection 0 server cafe etag 16681115101578455588 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:07 GMT
GET H3	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame C99D	117 KB 39 KB	187ms 187ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: adx.holmesmind.com URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 4307b2db591e6ae04eb18c14868f9f1162adb168e136af56b7caf856cf8e8882 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40160 x-xss-protection 0 server cafe etag 8571853963213642920 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:07 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/ Frame C99D	342 KB 120 KB	193ms 192ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069171 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 2a379fe0d0f9e2a712c68a422bd41931d373dac9d71b289387d1a2d77d969231 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 123324 x-xss-protection 0 server cafe etag 6175185036218229348 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:07 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 0F07	17 KB 7 KB	524ms 174ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 28 Aug 2022 18:44:08 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ Frame 12B5	343 KB 120 KB	212ms 211ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash ffecc1c0a3117844bcbcf2976a9b349b2698a309293aeb45e008d254361aabb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 123233 x-xss-protection 0 server cafe etag 2976376256055090852 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 28 Aug 2022 18:44:07 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 9C78	17 KB 6 KB	506ms 192ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 28 Aug 2022 18:44:08 GMT
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/ Frame C99D	107 B 165 B	476ms 174ms	Script application/javascript	142.251.12.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069171 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame C99D	107 B 122 B	171ms 171ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069171 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4EED	17 KB 9 KB	335ms 334ms	Document text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069171 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 7bcb892452a5c71558f6425bb74cd07ff3764eb6e6aef254bd77c89cf2991d16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adx.holmesmind.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 9668 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	rules-p-54Nt-1NAaEEe0.js Show response rules.quantcount.com/	209 B 682 B	525ms 172ms	Script application/javascript	13.227.254.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-108.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:06:10 GMT via 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront) age 2279 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 209 last-modified Fri, 26 Aug 2022 18:04:08 GMT server AmazonS3 etag "f6459e80de21135a46e02ad9e79f6802" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop SIN52-C3 accept-ranges bytes x-amz-cf-id FSwIvUP5yFHFAofGtrAyxckG4dJNJP0MwXRdMHUVsLpaym1Mh9ztOQ==
GET H3	200	integrator.js Show response adservice.google.com.au/adsid/ Frame 12B5	107 B 122 B	425ms 174ms	Script application/javascript	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 12B5	107 B 122 B	171ms 171ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://adx.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 17AD	18 KB 10 KB	331ms 330ms	Document text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash c9f8b85ffed035413e330a1b50f402bd8201a8a552be762dc98e895f61b4a9bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adx.holmesmind.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 9915 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DC3	13 KB 5 KB	476ms 173ms	Document text/html	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 137100 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 27 Aug 2022 04:39:08 GMT expires Sun, 27 Aug 2023 04:39:08 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 17AA	783 B 738 B	532ms 182ms	Document text/html	142.251.10.105 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.105 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f105.1e100.net Software GSE / Resource Hash 7ba858c39ba2d4ba87a329bcc76d0b16c9dabd0a91722828d19e148b9542a3f1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2SbC0gtPoXeEqFgIP7Dcpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-2SbC0gtPoXeEqFgIP7Dcpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:08 GMT expires Sun, 28 Aug 2022 18:44:08 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7228	13 KB 5 KB	481ms 180ms	Document text/html	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 137100 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 27 Aug 2022 04:39:08 GMT expires Sun, 27 Aug 2023 04:39:08 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 94F0	783 B 1 KB	518ms 181ms	Document text/html	142.251.10.105 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.105 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f105.1e100.net Software GSE / Resource Hash caf49fe0aec684f11b552a4590998a87056acce1231da415b31d28e03866fde0 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-DLSe6odOOGkJ9MMg05q6wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-DLSe6odOOGkJ9MMg05q6wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:08 GMT expires Sun, 28 Aug 2022 18:44:08 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4EED	42 B 63 B	175ms 175ms	Image image/gif	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQrinkkzczMp_K_BLAz84hcNrIRW84pWgJHavlW1MBjZqUQsT8HXqIA-T6CYdMMlEVs9dOKbfRtS1Sjz7ievlQ2dhAt22o-HmiogtQ_2JpZDxM3gE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4EED	3 KB 1 KB	483ms 241ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:16:40 GMT content-encoding gzip x-content-type-options nosniff age 1648 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 18:16:40 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4EED	17 KB 7 KB	446ms 204ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:44:58 GMT content-encoding gzip x-content-type-options nosniff age 7150 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 16:44:58 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4EED	0 0	460ms 216ms	Image text/html	142.251.10.105 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTypWT_wE5mTTOKXtgNFeWONCeLzikhNbydcNuR51n4zn3aNqn2rhDUVBI-SbZrs6KvPyBfdG3Dqac3WH2SdMack7itow Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.105 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f105.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4EED	140 KB 44 KB	1345ms 994ms	Script text/javascript	142.251.12.156
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.156 -, , ASN (), Reverse DNS Software sffe / Resource Hash 40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44079 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1661341966742178" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 28 Aug 2022 18:44:09 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame D874	624 B 297 B	177ms 177ms	Document text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUAU4h-cNQ9OnnKKNifntQ6vJKC4xVf8OUzQjMai05l_4P-W3gYbo3p9tDZjX7ios8CtfdrSGQFaQi5OjecTl079YFSZw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 4EED	66 KB 32 KB	200ms 200ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash bde9d3121f2372292471373f661ee0052368448362319b5b08f6219387241298 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32767 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 17AD	42 B 63 B	175ms 174ms	Image image/gif	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZTI8VmO20sFY9j8oFDnJt9Jj3U5sZeZP5gCLCFFh-uasd26zyXQgtUfpB3DY95nOoEeGT_bLj0nNPXUu1AkG2EOtASKRB-XuKLFXWZyYbBLL-i2A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 17AD	3 KB 1 KB	392ms 237ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:16:40 GMT content-encoding gzip x-content-type-options nosniff age 1648 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 18:16:40 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 17AD	17 KB 7 KB	331ms 176ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:44:58 GMT content-encoding gzip x-content-type-options nosniff age 7150 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 16:44:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 17AD	140 KB 43 KB	1484ms 1220ms	Script text/javascript	142.251.12.156
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.156 -, , ASN (), Reverse DNS Software sffe / Resource Hash 40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44079 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1661341966742178" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 28 Aug 2022 18:44:09 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 69C8	640 B 316 B	178ms 177ms	Document text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNV5w-oH3XFNB7SWifqslwdBWXgPtCWCGtLP51H9JuKp1Y_dlUcIpwKHQ9phQdEurP-bMw3QHBApuR6Zbh3u4nSQr5GYOQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 295 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 17AD	66 KB 32 KB	202ms 202ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash d1377d56c008a225de53c96dad7deaa88d99e8f6229421d396fc0962edba4852 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32627 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame D874 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&C=1	43 B 909 B	328ms 237ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUAU4h-cNQ9OnnKKNifntQ6vJKC4xVf8OUzQjMai05l_4P-W3gYbo3p9tDZjX7ios8CtfdrSGQFaQi5OjecTl079YFSZw Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cf-ray 741f32553dee5a9c-MEL pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGeeBgzh6YBUjz4PLzwQUj%2B6nHjLkPA7MujeqjFlMTkXZOmH4OAHQenf15w0w41W4vu37TGnfE6BWsLSykPuh6%2FickPG5KCtzwZ6Zqcu%2BhbCUsY0UAfJGJcL7p%2FtWyq7DoOGP4xkKqAz1g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BelY4NqCWcneUHBz4Gf5yHaUjlAH8RuKQNDGSOxb734KZEEgQ7yg1davQkVFXInPEr5qLXpb8VhlEJCcnv%2FuxnkZG6PEuCiescFcMmVq3IKjxem0LRY0RXI4v%2FmJOh%2B6IvRlOe%2BJxuWpvQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&C=1 cache-control no-cache cf-ray 741f32533bdb17ca-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame D874 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywu3eIqvCeQB.X3n-s5X0wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&google_hm=2	43 B 912 B	277ms 277ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUAU4h-cNQ9OnnKKNifntQ6vJKC4xVf8OUzQjMai05l_4P-W3gYbo3p9tDZjX7ios8CtfdrSGQFaQi5OjecTl079YFSZw Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cf-ray 741f3257cf045a9c-MEL pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIVjMjgY48ULjN4aDL%2FyVrJ8zzdTirNDgTcBU6LpKmzqo2hvEExv%2BXUN84qQ6tfgMY%2B90dsJI9L0GhvhZWQZiep5ROxWBQGvWFFvtvnG8ItCdezh%2B3H0I1%2F8jni22SE10H9KIXZFu%2BV15g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkep85Qmt4cRTjt9M5aP-s&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D874 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEM1xMx0XBl2MFZGocNqwzPM&google_cver=1	43 B 1018 B	290ms 229ms	Image image/gif	104.254.151.60 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEM1xMx0XBl2MFZGocNqwzPM&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUAU4h-cNQ9OnnKKNifntQ6vJKC4xVf8OUzQjMai05l_4P-W3gYbo3p9tDZjX7ios8CtfdrSGQFaQi5OjecTl079YFSZw Protocol HTTP/1.1 Server 104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 18:44:08 GMT X-Proxy-Origin 103.209.254.23; 103.209.254.23; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com AN-X-Request-Uuid b1e21006-a1a9-4a4a-a98b-e0396cd5ec70 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEM1xMx0XBl2MFZGocNqwzPM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame D874 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0Njc2MjY3OTcyMjgwMjc3OA%3D%3D	170 B 188 B	174ms 173ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0Njc2MjY3OTcyMjgwMjc3OA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUAU4h-cNQ9OnnKKNifntQ6vJKC4xVf8OUzQjMai05l_4P-W3gYbo3p9tDZjX7ios8CtfdrSGQFaQi5OjecTl079YFSZw Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 28 Aug 2022 18:44:08 GMT X-Proxy-Origin 103.209.254.23; 103.209.254.23; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com AN-X-Request-Uuid 0d0d4305-eff3-4ef5-b497-0d643349f710 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0Njc2MjY3OTcyMjgwMjc3OA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 4EED	30 KB 12 KB	173ms 173ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 17:39:36 GMT content-encoding gzip x-content-type-options nosniff age 3872 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11819 x-xss-protection 0 server cafe etag 10563440404697844360 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 17:39:36 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 4EED	8 KB 3 KB	176ms 175ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 17:40:03 GMT content-encoding gzip x-content-type-options nosniff age 3845 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3181 x-xss-protection 0 server cafe etag 18418590997839133011 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 17:40:03 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 4EED	0 64 B	528ms 182ms	Ping image/gif	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujbcAPICAO8U-U9uqpmclV19cIlZVVpMvZoJ2wcmzBdPyq-V-WUQZpoKBl4ZKwf1AOduX-2E7ivEl7Yjad1DIHbWjYt9iotaFMHjkwygPpuCwq2F4VKOVGe3TWyfcGxwlwnj3QW0bAXBUxmmKnKqAhEWe1jXXSn4o3HhRAk-guyd6K-k9TtCQT6qTzVYXlIvslg03nRj6eN33l2zEjLfuNJr7YZjj3wzsmxLniUkPFRIYcnnk9YE_f-cntD3lzDi9kmwVA-5TUD9Tvfi05-0S5A33oQDrF230Xm42oxVmeh_TMhGv518DOGn1zB375qbkXRqNd09qaX2WgMjB27kLa_0XMweW66-lrATwYr5xno-KMn2vfVoGbsQwDss9N5szTRUQy5kWk6-WzynKgn-nMJDaBZoyrfmqf14eUjrRAFI6lvtY3ZcINaWAYuq2pNwuHnnDC57J_DUQfpzFSWKB8R5eEqEMo5owS1y7sKtH68wj7yhk1Q8pK423tRTS4_NnJ2UKO583SMeEXdlXTocQEzs11dEd_PBbUBQjpgZzg3dyWx6GPVNBe032y3NUfGfT9IyOCLXAWAyUvPqtsSAcBq1ItiY3BOvjNB-d6P1Xplm53aNubN-ZgioYImNZ3Cw_ZNPv1yHU-261cR_7M3M4IFzHHw7QYpaecMZktmGDCi_G9Cvm2F-HOYd4Jr0jsbNzcUzNlIJdsstzWFt13cs6R_39Ls7vk01MLq4kim7eIqoXFloNdHom5oeV2w9Xvnqk40dYhzr5BNFXvrR6IflNCUWhlpNkMeGj0_eOKaZ05OFHJxlBqYhhx37DaSgh5-Ny2vYUc6PRDiABlJ9LOPbtnQbwFDCcSpRpVA-mslgOz1eY7Hh4CsWbQdEpxIzgR2CV2q4hQk1wJmP_dHfh2vZUa9oABQwA6I2FJKOSw2KOainsbVb8Krj4bnDYvJMLRN8O60FvkT8fgWAQiw8JGeaNlDSmASvgnMTTceL5ZEs231Z-Tn8tpKdiJi30sMnpLUMlEOVGxQCeIqTtzWY5XsDcLq1Y6oTs62grnZLGQnU4YNGYkngPk9U3G0NLTps3f6l41mLVUBb5INqKIFsRRrhk-PNo0Jknu83ZSEwSypAq5tUs2pE6_yJW0cul2cWD8tv_YlOdn3pS3liy0SeH48tfqORm-jASycPd6CZ5_zfQx1Ow6ixtBKQ1R5IUUxe2nq3Yur9bNRGN423lYItRVfFJP49euY516AxZwVMYiQqlmS6NLudMmc8_QbAqw6maNtqvdCNiVyoGOCrKb&sai=AMfl-YSf-8H7PVnopw6Cl4fs_MLbJd2dLVk4eFTxWc22I0RPnTFQAUoa9rZQxwt0278wysP6WSCtj-XyGufNUj_HNEAKdhFhOjprqZUpPOKFrB4tQuJcdkBX66Atplyj_yt6Zhx7c2tLsIHvyK72Lq2MZVtdQg8Jdw&sig=Cg0ArKJSzL8OIY0L4ReUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220822.85328&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Sun, 28 Aug 2022 18:44:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame 4EED	8 KB 4 KB	532ms 173ms	Script application/javascript	23.36.254.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.36.254.7 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-254-7.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / Resource Hash 86f990ecc6f910b3c0fad186ee3b59f1a62760a1d2602a23cc687dc25fe5c4bd Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:09 GMT Content-Encoding gzip Last-Modified Thu, 25 Aug 2022 09:18:53 GMT Server Microsoft-IIS/10.0 ETag "80fcb2b163b8d81:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3314
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 4EED	41 KB 15 KB	193ms 172ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 06:29:34 GMT content-encoding gzip x-content-type-options nosniff age 130474 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 27 Aug 2023 06:29:34 GMT
GET H2	200	11885153762611253657 s0.2mdn.net/simgad/ Frame 4EED	55 KB 56 KB	523ms 172ms	Image image/png	74.125.68.148 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/11885153762611253657 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.148 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f148.1e100.net Software sffe / Resource Hash 4f55b782e0d266e744eaeabd954db9e0221284265c264097206f7bcef361c1e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 Aug 2022 08:31:45 GMT x-content-type-options nosniff age 209544 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56771 x-xss-protection 0 last-modified Mon, 01 Aug 2022 05:01:30 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 26 Aug 2023 08:31:45 GMT
GET H2	200	pixel pxl.qccerttest.com/	35 B 547 B	525ms 171ms	Image image/gif	13.227.254.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.qccerttest.com/pixel?r=2044150339;fpan=1;fpa=P0-75686168-1661712248629;pbc=1a0cb664-01ab-4fd5-b5b3-be9f956fe130;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1661712248629;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html;ogl= Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-109.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 17:11:41 GMT via 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront) x-content-type-options nosniff age 5549 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000 content-length 35 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 04 Aug 2022 16:01:04 GMT server AmazonS3 x-frame-options SAMEORIGIN etag "55d25e9dc950d5db4d53a3b195c046c6" vary Accept-Encoding, Origin content-type image/gif x-amz-cf-pop SIN52-C3 accept-ranges bytes x-amz-cf-id 3dE4GGwB99GFtsrLgHa_WCVKgX3a28fU-isZsfSiLWhP2oqxOTxo5w==
GET H2	200	pixel;r=1113980798;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html;uh=e51ed67dfb8... pixel.quantserve.com/	35 B 372 B	179ms 174ms	Image image/gif	103.229.10.171 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1113980798;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-75686168-1661712248629;pbc=1a0cb664-01ab-4fd5-b5b3-be9f956fe130;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661712248632;tzo=0;ogl=;ses=28e45805-7df0-4b70-b780-e53ecfa1c863 Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
POST H2	204	log aplogger.adpushup.com/	0 54 B	670ms 220ms	Ping text/plain	104.211.156.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI1ODgyMDZfMTY2MTcxMjI0ODY1NSIsInVzZXJJZCI6Ijg3MDIwOV8xNjYxNzEyMjQ4NjU1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMTc1Njk1XzE2NjE3MTIyNDg2NTUiLCJwYWdlUGF0aCI6IiUyRmElMkZ6aGVuZy1tZWktY2FuLXh1YW4tcmVuLWJhaS1wYWktamlhby14dWUtemFvLXBpLW1haS1yb3UtbGlhbmctcmVuLXh1ZS1saS1wdS1ndWFuZy1zaHVpLXd1LWh1YS1udS14aW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGemhlbmctbWVpLWNhbi14dWFuLXJlbi1iYWktcGFpLWppYW8teHVlLXphby1waS1tYWktcm91LWxpYW5nLXJlbi14dWUtbGktcHUtZ3Vhbmctc2h1aS13dS1odWEtbnUteGluZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2MTcxMjI0ODY1NX0= Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/linkPreview.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	L2EvemhlbmctbWVpLWNhbi14dWFuLXJlbi1iYWktcGFpLWppYW8teHVlLXphby1waS1tYWktcm91LWxpYW5nLXJlbi14dWUtbGktcHUtZ3Vhbmctc2h1aS13dS1odWEtbnUteGluZy5odG1s.json Show response cdn.adpushup.com/42753/	142 KB 62 KB	1186ms 1186ms	XHR application/json	42.99.140.161 ASN-TELSTRA-GLOBA...
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/42753/L2EvemhlbmctbWVpLWNhbi14dWFuLXJlbi1iYWktcGFpLWppYW8teHVlLXphby1waS1tYWktcm91LWxpYW5nLXJlbi14dWUtbGktcHUtZ3Vhbmctc2h1aS13dS1odWEtbnUteGluZy5odG1s.json Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/linkPreview.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK), Reverse DNS ip-42-99-140-161.pacnet.net Software nginx/1.18.0 / Resource Hash 241ec40a2aaba6a463ada93a8d7490a82e2ba1d9ea02dfbf61cecb35ce5d8d90 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-akamai-country AU date Sun, 28 Aug 2022 18:44:09 GMT content-encoding gzip last-modified Fri, 26 Aug 2022 13:28:38 GMT server nginx/1.18.0 etag "6308ca86-2377d" vary Accept-Encoding x-akamai-device mobile:false&tablet:false access-control-allow-origin * cache-control max-age=3600 server-timing cdn-cache; desc=MISS, edge; dur=5, origin; dur=429 accept-ranges bytes content-type application/json expires Sun, 28 Aug 2022 19:44:09 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 69C8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfyscxTgyExVjb2hsjkqu8&google_cver=1	43 B 114 B	170ms 170ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfyscxTgyExVjb2hsjkqu8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNV5w-oH3XFNB7SWifqslwdBWXgPtCWCGtLP51H9JuKp1Y_dlUcIpwKHQ9phQdEurP-bMw3QHBApuR6Zbh3u4nSQr5GYOQ Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT via 1.1 google server OXGW/0.0.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfyscxTgyExVjb2hsjkqu8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 69C8 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTVjZjVhZjctNjE1Yi0yZTg2LWZhODUtMmNjZTNiYWExY2Fk	170 B 188 B	174ms 174ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTVjZjVhZjctNjE1Yi0yZTg2LWZhODUtMmNjZTNiYWExY2Fk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNV5w-oH3XFNB7SWifqslwdBWXgPtCWCGtLP51H9JuKp1Y_dlUcIpwKHQ9phQdEurP-bMw3QHBApuR6Zbh3u4nSQr5GYOQ Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 28 Aug 2022 18:44:08 GMT content-encoding gzip server OXGW/0.0.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTVjZjVhZjctNjE1Yi0yZTg2LWZhODUtMmNjZTNiYWExY2Fk content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 via 1.1 google
GET H2	200	um sync.teads.tv/ Frame 69C8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESEG1zCzCCOvCQr91AKTusps4&google_cver=1	23 B 172 B	635ms 257ms	Image image/gif	23.9.178.47 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESEG1zCzCCOvCQr91AKTusps4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNV5w-oH3XFNB7SWifqslwdBWXgPtCWCGtLP51H9JuKp1Y_dlUcIpwKHQ9phQdEurP-bMw3QHBApuR6Zbh3u4nSQr5GYOQ Protocol H2 Server 23.9.178.47 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-9-178-47.deploy.static.akamaitechnologies.com Software akka-http/10.2.8 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 18:44:09 GMT server akka-http/10.2.8 content-length 23 content-type image/gif Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:08 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.teads.tv/um?eid=3&uid=CAESEG1zCzCCOvCQr91AKTusps4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 69C8 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDE4YmU1YzQtNzc2Yi00ODljLTk5YTMtOWU5ZjdkZmE0NTQ1	170 B 188 B	174ms 173ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDE4YmU1YzQtNzc2Yi00ODljLTk5YTMtOWU5ZjdkZmE0NTQ1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNV5w-oH3XFNB7SWifqslwdBWXgPtCWCGtLP51H9JuKp1Y_dlUcIpwKHQ9phQdEurP-bMw3QHBApuR6Zbh3u4nSQr5GYOQ Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT server akka-http/10.2.8 content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDE4YmU1YzQtNzc2Yi00ODljLTk5YTMtOWU5ZjdkZmE0NTQ1 cache-control max-age=0, no-cache, no-store content-length 189 expires Sun, 28 Aug 2022 18:44:09 GMT
GET H2	200	11885153762611253657 s0.2mdn.net/simgad/ Frame 17AD	55 KB 56 KB	637ms 369ms	Image image/png	74.125.68.148 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/11885153762611253657 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.148 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f148.1e100.net Software sffe / Resource Hash 4f55b782e0d266e744eaeabd954db9e0221284265c264097206f7bcef361c1e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 Aug 2022 08:31:45 GMT x-content-type-options nosniff age 209544 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56771 x-xss-protection 0 last-modified Mon, 01 Aug 2022 05:01:30 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 26 Aug 2023 08:31:45 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 17AD	30 KB 12 KB	173ms 173ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 17:39:36 GMT content-encoding gzip x-content-type-options nosniff age 3872 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11819 x-xss-protection 0 server cafe etag 10563440404697844360 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 17:39:36 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 17AD	8 KB 3 KB	176ms 176ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 17:40:03 GMT content-encoding gzip x-content-type-options nosniff age 3845 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3181 x-xss-protection 0 server cafe etag 18418590997839133011 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Sep 2022 17:40:03 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 17AD	0 622 B	437ms 179ms	Ping image/gif	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVgrOp0YKfPhmSLVTAaiwQeiOOTefPotrANP5_cClpnxbHuHar-Q4wkjXAd2j_oVLaDAQYoqgtYbXTIhVc8jEuyUPMv8-lbYbIiryYiwyY3Y0pjnim1sRRt-uxEhRGSN2_VbOVrEdQeFSNm98IkjmJ1y5fPZyLMJD-OrIT_ZcLTQVJgqqza-5vuQnqYrtTA8Npuw2ByMqbUgyx_JxbGVROQpABO9kAzHs2a0GBBL4vF8FB8WLv2vaQ8Ahq5sUc04ijlthKiXtr7QYFK0yI-ktEWml24e3Msg0alLf24xRefeXhK8f7h0pDnYa8uTL9yUeQwY6TFyVRMfdJkqDAmlPplD298Ws8GB857lrz2EMI_DF7rpIR7NhGExAj6tO0kEFmweUBxhfe2Kjj4k_DcHIz5cmhm3gzceMvzDxUvyZAlktcsLWBtoM66hK4Rf_3tSs0pz3zmXzmgEWjcgE6kffYyCJv8YVv58sI3AcYZqpHGIE8kuwB8xKM-grXZlqS8nGYtLpi0rx7Vv-ydk1kNdoV00WdQTfcusXhD698qzC58i90AdIofC5BAFLcX1oi5k7Yo0USTiwwdkGlrhIlPrtv-FDsHxaI1BkHNYwd3Y2rqManMXn4iESE9Riv8i_UsoZGnWxktc4mDat8J5YqS9Nwikoh18mrgTNsBDMzto2Etz1BWV9mLdcbGG0NkvznG7r7Ze6lbGYcRoGuw23MoO6FbCitsiCpRap1pshTB8dvclMihgP016z56Sf48woOLw39NMLssL2GmMEBQJdZiFagduFJ2V8prJCh71DY5bG-9Ax0iPp5B6AaDcwq0EJlTM2lX-52A3JyfZmF0zYons61gjDSY1IB-Ez0IE8pQhPFnFCuKG_9Kg7RGUKs6gseHSIQGIcMRxXemOVlY58xmy2tB_fIscvV3O0NUaK0pTujFaaKRa4R_ua4ZLhrcRVXI2Cq8k16G5BT8QoVJjeHchbDFSYSsMPzbgCFtme0gCeVHJmqdzbQlcAOv0jzZjulj6MeJF94CI4sLXLRSQ4Qj0SHoM6VdzdxyV1nT__8BwwQj7Rg4u6pfl13QJzTuAZg0FsLA7XGrQVT0g2dt4Eyi3d7-Tw-7xbQBlImwC1HObbdzIxhJO_Ait-tcKqOaW4WHkiTHM_5v_o2rIuS9QcLUDUUgTX2EyZfDGALXV57nCSCsrBE8PiU36pjXDccCbG8febnHZ_7L6Zl6vmu-Hx4TnG3_jNnrB4rE7Tlu_lfkp8k9L7ziszYYcMr7AMn0QCqv8pAxTMwiNudEho&sai=AMfl-YTGmoSw8bhD1j8DJLab_vCMRbE7c19j5kuQI0_6YLXQGZqgvIrQBJnrkGsyL5dzQfzaEhKLvZuXYGZkeXH59zBmytpJ5R8PTZBvcunYNWUnomE40ahxQD4ONfm_g_F79POI84z_C1zibeanDV1zcZSmwfiv2A&sig=Cg0ArKJSzOjI7ozvnALEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220822.97844&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Sun, 28 Aug 2022 18:44:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame 17AD	8 KB 4 KB	516ms 172ms	Script application/javascript	23.36.254.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.36.254.7 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-254-7.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / Resource Hash 86f990ecc6f910b3c0fad186ee3b59f1a62760a1d2602a23cc687dc25fe5c4bd Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:09 GMT Content-Encoding gzip Last-Modified Thu, 25 Aug 2022 09:18:53 GMT Server Microsoft-IIS/10.0 ETag "80fcb2b163b8d81:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3314
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 17AD	41 KB 15 KB	228ms 228ms	Script text/javascript	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 06:29:34 GMT content-encoding gzip x-content-type-options nosniff age 130474 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 27 Aug 2023 06:29:34 GMT
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 0DC3	36 KB 14 KB	175ms 174ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 09:39:37 GMT content-encoding br x-content-type-options nosniff age 119071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 27 Aug 2023 09:39:37 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame CB21	1 KB 752 B	174ms 173ms	Document text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 54369 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 03:37:59 GMT etag 48472445140208031 expires Mon, 29 Aug 2022 03:37:59 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 7228	36 KB 14 KB	173ms 173ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 09:39:37 GMT content-encoding br x-content-type-options nosniff age 119071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 27 Aug 2023 09:39:37 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 94F0	0 0	178ms 178ms	Image text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=1861024363498360&rc= Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 17AA	0 0	175ms 175ms	Image text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082302&jk=816637484102105&rc= Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 4EED	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 30241e4e41470e48e28d339884d6dcf88a21afc9b82d6bf3896381d4370d69d3 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B051	1 KB 752 B	174ms 173ms	Document text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 54369 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 03:37:59 GMT etag 48472445140208031 expires Mon, 29 Aug 2022 03:37:59 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 17AD	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6620b2469e09be678df78df026292a88de1c90665f12ae3ee1407059060c19c1 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 8B14	22 KB 8 KB	172ms 172ms	Document text/html	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 13526 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 14:58:43 GMT expires Mon, 28 Aug 2023 14:58:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dpixel cms.quantserve.com/ Frame CB21	35 B 362 B	187ms 172ms	Image image/gif	103.229.10.171 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM1Y7S-CfF5Nv7--L71LO_0&google_cver=1&google_push=AehlK4Bcc5_U4MuySY7CkOpMxFBef1e4K3-pTdzoZh8AHTM4Y0icBNHG8dvHt4mRlbI9C-Usq7ZT2LU1bbXTTxeVhXM_1YFkpylFio-q_6r4RYG_LT2qKEPmzJZtObkcpjisJOFJHhphYxEBabQ_YgC02QM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame CB21 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKy2g4k862yYEjczEW_g7RE&google_cver=1&google_push=AehlK4A8cqtsGxlCZg29o7Ryjx-9WSfeqbz5OBIXsAH6PoV6XO1EbIaEm8CWjSAEo9S_P_jorqFAVKVKA0E83WxU... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4A8cqtsGxlCZg29o7Ryjx-9WSfeqbz5OBIXsAH6PoV6XO1EbIaEm8CWjSAEo9S_P_jorqFAVKVKA0E83WxUt0ZrQ525ivs8RbTQ7V9x36U_SdsJBT...	170 B 188 B	176ms 175ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4A8cqtsGxlCZg29o7Ryjx-9WSfeqbz5OBIXsAH6PoV6XO1EbIaEm8CWjSAEo9S_P_jorqFAVKVKA0E83WxUt0ZrQ525ivs8RbTQ7V9x36U_SdsJBTBL14e-TFdvEW12ctKevtUkthHjqijl9CIqdms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sun, 28 Aug 2022 18:44:09 GMT Server MT3 4505 5b23575 master nrt-pixel-x19 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4A8cqtsGxlCZg29o7Ryjx-9WSfeqbz5OBIXsAH6PoV6XO1EbIaEm8CWjSAEo9S_P_jorqFAVKVKA0E83WxUt0ZrQ525ivs8RbTQ7V9x36U_SdsJBTBL14e-TFdvEW12ctKevtUkthHjqijl9CIqdms Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Sun, 28 Aug 2022 18:44:08 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame CB21 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEMAoRtq_xhIEJreoerSDbrw&google_cver=1&google_push=AehlK4DTmGWGX00DxcsvGGpYU75rmaVFIa1ZWN9Nq3HiTw3TlX0hVx5SMzBdApkdpSEn8SbvfdPX3M9suwfhe1TrBXNZ0CGXX05hTy... https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E9700BD027DA4A4AB62D546AEC99B060&google_push=AehlK4DTmGWGX00DxcsvGGpYU75rmaVFIa1ZWN9Nq3HiTw3TlX0hVx5SMzBdApkdpSEn8SbvfdPX3M9suwfhe1T...	170 B 188 B	176ms 174ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E9700BD027DA4A4AB62D546AEC99B060&google_push=AehlK4DTmGWGX00DxcsvGGpYU75rmaVFIa1ZWN9Nq3HiTw3TlX0hVx5SMzBdApkdpSEn8SbvfdPX3M9suwfhe1TrBXNZ0CGXX05hTyK4cWwuVBX0NlAzO_BstZTrWG6YO7S8e2K1mBAlgJfHY1Y7qgPmTd4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 28 Aug 2022 18:44:09 GMT x-content-type-options nosniff server nginx location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E9700BD027DA4A4AB62D546AEC99B060&google_push=AehlK4DTmGWGX00DxcsvGGpYU75rmaVFIa1ZWN9Nq3HiTw3TlX0hVx5SMzBdApkdpSEn8SbvfdPX3M9suwfhe1TrBXNZ0CGXX05hTyK4cWwuVBX0NlAzO_BstZTrWG6YO7S8e2K1mBAlgJfHY1Y7qgPmTd4 strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 138 expires Sat, 27 Aug 2022 18:44:09 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame CB21 Redirect Chain https://a.c.appier.net/gcm?google_gid=CAESEJYhmir7_j2MYw3sgjIqbJw&google_cver=1&google_push=AehlK4CPa4sOtwuGTFVhbhAN1Pq4mYLDM4zYOvs6l6SrfF7epB1bE0_S5EttQ1_7qx9V-ZwCiC5MpOLTvMKwiBVh9p2WannaqbtLvp6Um... https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MnpNZmFTM0JCREd5dGF2amViY0xZdw%3D%3D&google_push=AehlK4CPa4sOtwuGTFVhbhAN1Pq4mYLDM4zYOvs6l6SrfF7epB1bE0_S5EttQ1_7qx9V-ZwCiC5MpOLTvMKwi...	170 B 188 B	174ms 174ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MnpNZmFTM0JCREd5dGF2amViY0xZdw%3D%3D&google_push=AehlK4CPa4sOtwuGTFVhbhAN1Pq4mYLDM4zYOvs6l6SrfF7epB1bE0_S5EttQ1_7qx9V-ZwCiC5MpOLTvMKwiBVh9p2WannaqbtLvp6Um_cdnHU1BYoBw5vsvIzVJJBeBz9trHJ9_wF0ZzItvIqWbd6vSVQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MnpNZmFTM0JCREd5dGF2amViY0xZdw%3D%3D&google_push=AehlK4CPa4sOtwuGTFVhbhAN1Pq4mYLDM4zYOvs6l6SrfF7epB1bE0_S5EttQ1_7qx9V-ZwCiC5MpOLTvMKwiBVh9p2WannaqbtLvp6Um_cdnHU1BYoBw5vsvIzVJJBeBz9trHJ9_wF0ZzItvIqWbd6vSVQ date Sun, 28 Aug 2022 18:44:09 GMT cache-control no-store server nginx content-type text/html; charset=utf-8 content-length 298 p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET H3	200	pixel cm.g.doubleclick.net/ Frame CB21 Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECmkFLu4ZpjVGRGURsnh7jM&google_cver=1&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ih... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECmkFLu4ZpjVGRGURsnh7jM&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ih... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ihL23fpnDSC-nAKc_kk8FOsYleObsD5Gvnuv7CB0yem1so9V...	170 B 188 B	179ms 178ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ihL23fpnDSC-nAKc_kk8FOsYleObsD5Gvnuv7CB0yem1so9VIjItpegytkGbL03PYGJNxuNU&google_hm=VkN6QVgxbEhLdGdHUkpDZmFVb2Y= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 28 Aug 2022 18:44:10 GMT P3p CP="We do not support P3P header." Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Dq01md2ArujwKXHiEkbo_ld_TBadS-NdCBUlYV2KgtUGfeOQhX3hmwoa1kCZVZZbnz7PVL5w3bY23ihL23fpnDSC-nAKc_kk8FOsYleObsD5Gvnuv7CB0yem1so9VIjItpegytkGbL03PYGJNxuNU&google_hm=VkN6QVgxbEhLdGdHUkpDZmFVb2Y= Cache-Control no-cache, no-store, must-revalidate Content-Type text/html; charset=utf-8 Content-Length 291 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET		/ b1sync.zemanta.com/usersync/googleadx/ Frame CB21 Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMoWMg-ufAobo9Ph2T4268Q&google_cver=1&google_push=AehlK4BQT4VWBYPoaThBJFjAJ7Zc7Yn8wfBkT2kD47s8KOAGj3umYUFflWn2JZoEWaDApvQc6pZ_JtiTdhCgE... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMoWMg-ufAobo9Ph2T4268Q&google_push=AehlK4BQT4VWBYPoaThBJFjAJ7Zc7Yn8wfBkT2kD47s8KOAGj3umYUFflWn2JZoEWaDApvQc6pZ_JtiTdhCgE... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BQT4VWBYPoaThBJFjAJ7Zc7Yn8wfBkT2kD47s8KOAGj3umYUFflWn2JZoEWaDApvQc6pZ_JtiTdhCgE3bUrkZF2ll7nVRU09RIrAsPCxBbhOkUbzLbsSK3uFQ30ZL... https://b1sync.zemanta.com/usersync/googleadx/?google_error=5	0 0
GET		spacer.gif an.yandex.ru/resource/ Frame CB21 Redirect Chain https://an.yandex.ru/mapuid/google/CAESEIiLXHSWo_XJm_NklQtrqX4?ext-param=AehlK4DLoe781NGmVUf3Xthj2SIvkaSGOxmpCAYP03Dxvuludj3FE5BTRj54qYOAspzKK55-3G0BcBUWh5lAcss6KxjvhByGFFW9_2iBTetwUdYg8S6L7GuYDDp3... https://an.yandex.ru/mapuid/google/CAESEIiLXHSWo_XJm_NklQtrqX4?redir-setuniq=1&ext-param=AehlK4DLoe781NGmVUf3Xthj2SIvkaSGOxmpCAYP03Dxvuludj3FE5BTRj54qYOAspzKK55-3G0BcBUWh5lAcss6KxjvhByGFFW9_2iBTetw... https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIiLXHSWo_XJm_NklQtrqX4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	0 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame CB21	0 12 B	173ms 171ms	Image text/html	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwshmhZWmdwsQpcEQ5ImcOayNZYu9mZIC0KV6T-srLGyLjgC6d6aFhyxXNriTOyXllrMRYpAM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 53E2	22 KB 8 KB	172ms 171ms	Document text/html	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 13526 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 14:58:43 GMT expires Mon, 28 Aug 2023 14:58:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 0DC3	0 10 B	171ms 171ms	Image text/plain	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?BJJSaw Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame B051 Redirect Chain https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_cver=1&google_push=AehlK4CCNUh3AwLMD8uWzUsaTqM1ti2sq-ufI9FHXDy4-mZMsZj3uQZ... https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1f3e190bebc020bb&is_secure=true&networkId=14000&version=1&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_cver=1&google_push=AehlK4CCNUh3... https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMOwe_fNZYYQM0IM2nAAAAAAA&expiration=1661798650&google_cver=1&is_secure=true&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeN...	170 B 188 B	174ms 173ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMOwe_fNZYYQM0IM2nAAAAAAA&expiration=1661798650&google_cver=1&is_secure=true&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_push=AehlK4CCNUh3AwLMD8uWzUsaTqM1ti2sq-ufI9FHXDy4-mZMsZj3uQZV6d8PvDG46-78E9iAmLMhAH6pcE5YmYVgnwlgfHUFOZkrVzjMzkG0xLq5cL76y4eYd_yCsiv3N6qCCDrZhWCvaH0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMOwe_fNZYYQM0IM2nAAAAAAA&expiration=1661798650&google_cver=1&is_secure=true&google_gid=CAESEHVQQRkgcaO5Zsg1rIEeNOM&google_push=AehlK4CCNUh3AwLMD8uWzUsaTqM1ti2sq-ufI9FHXDy4-mZMsZj3uQZV6d8PvDG46-78E9iAmLMhAH6pcE5YmYVgnwlgfHUFOZkrVzjMzkG0xLq5cL76y4eYd_yCsiv3N6qCCDrZhWCvaH0 cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame B051 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OFY3cVRPVDQxT3NuZ3Q1&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cver=1&google_push=AehlK4BVrWtl8WRgGcQikRkTEik445W7McxTMyrgi-KZDia...	170 B 188 B	175ms 174ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OFY3cVRPVDQxT3NuZ3Q1&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cver=1&google_push=AehlK4BVrWtl8WRgGcQikRkTEik445W7McxTMyrgi-KZDiaFeww7KC6MSnAaVvhZtOxNLePPgLaLZRHCmSgLnnZHQB3heQHvZCup5qZuYVKL87LKms-90f4BJHP_hOaxAiUsMNvq339UEtB1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 28 Aug 2022 18:44:09 GMT Server PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-06f4f2a63ede655a4@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OFY3cVRPVDQxT3NuZ3Q1&google_gid=CAESEC9I2Cm6QdCOPjuC01OPaLE&google_cver=1&google_push=AehlK4BVrWtl8WRgGcQikRkTEik445W7McxTMyrgi-KZDiaFeww7KC6MSnAaVvhZtOxNLePPgLaLZRHCmSgLnnZHQB3heQHvZCup5qZuYVKL87LKms-90f4BJHP_hOaxAiUsMNvq339UEtB1 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame B051	0 174 B	354ms 176ms	Image text/plain	34.96.105.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG3au-RcrPEAyFuUpofzojo&google_cver=1&google_push=AehlK4B13C9ZhJiYLMnqtFkRkmpBXjmpTwtnI0TMcb8hkUO40wnfWtsKEQEcIvGlnrGS7uBpktECpiZscHeHcd5RqLjP1TJdG0eKCRcMkmhkUt7J5oSlv3_lYTkWg0_uNsrAK-il3YJeGSTK Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	sync gdn.socdm.com/rtb/ Frame B051 Redirect Chain https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1&google_push=AehlK4AuVShzhLyyJm0w1uZSiRmENtk-ctUdR2c3n7naYPVFeSU4x0WLkk_TItMdGbSQ0... https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXd1M2VjQ284WHNBQUNZQTF3b0FBQUFB https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1	43 B 949 B	712ms 230ms	Image image/gif	124.146.215.3
General Check archive.org Show headers Download Go to Show image Full URL https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol HTTP/1.1 Server 124.146.215.3 -, , ASN (), Reverse DNS Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:10 GMT X-SO-LB-Data {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1","cluster_id":17,"gdpr":false,"ipv4":"103.209.254.23","key":"Ywu3ecCo8XsAACYA1woAAAAA","privacy_sensitive":false,"uid":"Ywu3ecCo8XsAACYA1woAAAAA","upstream_id":"m-ad273"} X-SO-Key Ywu3ecCo8XsAACYA1woAAAAA X-SO-Upstream-ID m-ad273 P3P CP="See also http://www.scaleout.jp/privacy/" X-SO-HostName m-ad273.dc4p.scaleout.jp X-SO-UID Ywu3ecCo8XsAACYA1woAAAAA Connection keep-alive Content-Length 43 X-SO-IP 103.209.254.23 X-SO-Cluster-ID 17 Server nginx Content-Type image/gif Cache-Control private X-SO-Ads-Time 7 X-SO-LB-Hostname m-ng14.dc4p.scaleout.jp Redirect headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB8Pcfcn4shuNNLd2aIQ1Hc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 318 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B051 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGfolD_4hbkc-1Rnhl-Ldg&google_cver=1&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpN... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENGfolD_4hbkc-1Rnhl-Ldg&google_cver=1&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEAD... https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpNIxf5bdYY6QafjUhPTzldUc0ehrCCHqYET1mgbjZ9bj...	170 B 188 B	174ms 174ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpNIxf5bdYY6QafjUhPTzldUc0ehrCCHqYET1mgbjZ9bjuze9TSrkM&google_hm=nTfbPnhsQmuLGkFt5bXDOA== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BusdSVYczhn6eFchKIQaYL0Q_r-9QJhWsu4D1kGnhGaeRStctd4c3dW16iAG1apFeXRreO3y3VvjuEADlp9YpNIxf5bdYY6QafjUhPTzldUc0ehrCCHqYET1mgbjZ9bjuze9TSrkM&google_hm=nTfbPnhsQmuLGkFt5bXDOA== Date Sun, 28 Aug 2022 18:44:10 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame B051 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dje4jBngS2mPXvQ0bj6wNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	175ms 173ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dje4jBngS2mPXvQ0bj6wNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DgsVim_cN32DZXwRNAwgCaSDe_po7nbJg75u9BBpcAzmq4jXF6tmOPY_jb1tiSRzY26rPteHKMp7Bk3yC2OVeIGlyRMzVsrqGkWvQnjeRwDxOOtq-CKOdlf3VdM1VWSPuzZBqc4ulX Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dje4jBngS2mPXvQ0bj6wNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DgsVim_cN32DZXwRNAwgCaSDe_po7nbJg75u9BBpcAzmq4jXF6tmOPY_jb1tiSRzY26rPteHKMp7Bk3yC2OVeIGlyRMzVsrqGkWvQnjeRwDxOOtq-CKOdlf3VdM1VWSPuzZBqc4ulX date Sun, 28 Aug 2022 18:44:09 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame B051 Redirect Chain https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGWH5Zd7q9MkctkgYMr01nk&google_cver=1&google_push=AehlK4DJdy4sLAjOq_ymOc2B6OqN8AzyTUwm_Cf6LFQ6qkBdrt_c6-auA0-dPMUaTctDIfFuF-UtSAkPFvD1qfz3L... https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTcxYTllNTktMTI3Yi00ZmM0LTgzYTItMWQwYWQ1MTkxNTk4&google_push=AehlK4DJdy4sLAjOq_ymOc2B6OqN8AzyTUwm_Cf6LFQ6qkBdrt_c6-auA0-dPMUa...	170 B 188 B	175ms 174ms	Image image/png	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTcxYTllNTktMTI3Yi00ZmM0LTgzYTItMWQwYWQ1MTkxNTk4&google_push=AehlK4DJdy4sLAjOq_ymOc2B6OqN8AzyTUwm_Cf6LFQ6qkBdrt_c6-auA0-dPMUaTctDIfFuF-UtSAkPFvD1qfz3Lfb5yt5221hMIF1tx9RSkQqQx25OkQO_sqwmrzIn4VGueWYEXiZQ_BuTQQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTcxYTllNTktMTI3Yi00ZmM0LTgzYTItMWQwYWQ1MTkxNTk4&google_push=AehlK4DJdy4sLAjOq_ymOc2B6OqN8AzyTUwm_Cf6LFQ6qkBdrt_c6-auA0-dPMUaTctDIfFuF-UtSAkPFvD1qfz3Lfb5yt5221hMIF1tx9RSkQqQx25OkQO_sqwmrzIn4VGueWYEXiZQ_BuTQQ date Sun, 28 Aug 2022 18:44:09 GMT content-length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame B051	0 12 B	172ms 171ms	Image text/html	74.125.200.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ioe75fuOkzgycAgVNuLDPstZfXx0Jh6rBpylMh0Hf-oc29_NaOCJK-nBOGNs3B6Uk304GLNA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 7228	0 10 B	171ms 171ms	Image text/plain	142.250.4.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?A1u18g Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:09 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 8B14	36 KB 14 KB	174ms 173ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 09:39:37 GMT content-encoding br x-content-type-options nosniff age 119072 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 27 Aug 2023 09:39:37 GMT
GET H/1.1	200 OK	dv-measurements2986.js Show response cdn.doubleverify.com/ Frame 2F6A	552 KB 106 KB	195ms 195ms	Script application/javascript	23.36.254.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements2986.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.36.254.7 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-254-7.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / Resource Hash 16ddaec8fa914389399e7cdb920faf6124aa4690ec3184b0aca04d5721dba960 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:09 GMT Content-Encoding gzip Last-Modified Wed, 24 Aug 2022 12:01:59 GMT Server Microsoft-IIS/10.0 ETag "80553250b1b7d81:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080900 Connection keep-alive Accept-Ranges bytes Content-Length 107715
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 53E2	36 KB 14 KB	173ms 173ms	Script text/javascript	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 27 Aug 2022 09:39:37 GMT content-encoding br x-content-type-options nosniff age 119072 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 27 Aug 2023 09:39:37 GMT
GET H/1.1	200 OK	dv-measurements2986.js Show response cdn.doubleverify.com/ Frame 03EA	552 KB 106 KB	195ms 195ms	Script application/javascript	23.36.254.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements2986.js Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.36.254.7 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-254-7.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / Resource Hash 16ddaec8fa914389399e7cdb920faf6124aa4690ec3184b0aca04d5721dba960 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 28 Aug 2022 18:44:09 GMT Content-Encoding gzip Last-Modified Wed, 24 Aug 2022 12:01:59 GMT Server Microsoft-IIS/10.0 ETag "80553250b1b7d81:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080900 Connection keep-alive Accept-Ranges bytes Content-Length 107715
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8B14	0 23 B	177ms 176ms	Image image/gif	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7CO9eLcLY73PHoX2owPj04C4CQAAAAA4AeAEAg&bg=!9Pel97PNAAYUOm8VNDo7ACkAdvg8Wiw4AIt2AfghbKdKWv94srbb7B4iVcD4dp3K3eOx7bcT0PSX2QIAAABNUgAAAAJoAQcKAJhpmChlNuccfnFEIYojK_OUd6zme8h18CjgD_VMQfNQqY_-Qtkov-bmCiHi2Q8X1ANVedWK9Bhsay3cURTFgedPrIaEkMU7iK3OAnd3-3b9pHEZamkf38kBP25CCA3voyypUTF5hqvNP83xyvcPXvHO2kwVea4xAQSL3VKjPleL9qBu0wzws_gC-rZoNr_DWHPdo4jn7m9PhpkC5nOPaO6uC3vz5WDgwPGxcdi_i3zK7hG6RYcQnsyINIX1z0ZEECfqOxzA9NN3TzlGAYjgOgn0bb9rYbPwyVaRu1z2Q5nBrPeMq9SCUHAuSDFiEt70u7uiNGmjpDuooLYN83DJuR8GatHwF3rhprlyWnpuged7Z06IWJnUGA3CE0Edmc22cwngJzURevKb-H6ZZ1E4JGP-K2WKyYqN-XreNLTrcmrWkpbHKAYRPCkQndSDaLzioxMZ2qeL0StpXfQEjh3Lfxf4QvB1yCKuTKgwc1IBQqdP0dofru5yvAVyd1yX3Cj2Ym4Gpq07EqR50rRN_YsIQogsVHg2JPbsqJXL0rKMfmE3FWanvVQ57byyvZVcEBV8pohZiDF87O2SrzAPnrHQUaN2gpyPjNX0uxUfgTEldhpYPXnnlVLwaIgiVi1biDNqZWJjVyoQOU38qL83KN4aeMhTEMLe3IweUASYwljmlFRpTvN9ItCGbjZH9A7zl7md6ULWUTZZBHynzXvbgGMvVEeH0RH4QBiaTINCwtPmkPrZ8HMtOfgFs2zHb8LPstlSfQFSR9mlTegR9kuJmn0k_1DYf3qTNFJriJVetbl-KeqzAiv-PPtwVcE61tsG2L6ups428E5SQL2lXXe6oT1Z3Pi6PQS4z2mGAwklIy1Qrp5kJeYtcvEQJxDFmdTwun_kFlwesWhBzxWVcbj7jQdMQV3SPRmvNSlGwaeivk4Qc4FVwH_-MjUSz1hoIijhvKf7k0PWWHecQRbr15aOzFrKGs5OxdzQsdIqYkBXYFGfoitWbb8VD8SfiSWZb2WwCYIlOKDGkbNffbc5jV4vojBkmFY06kX2B8D_6tUDkgdngWIODGvBZB4Xi60IQ27754lsv7q0q9Np7tpHzVoIRVwYOCx4nVw9ibsvj9hAKSbhCEe3IMMzuTYscp9LWFkdXgtrVf6zbJoXIms2YJdbcFQb0DFoxaRLQFt-x96difPJ_GiDQ0Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247734&bpp=13&bdt=215&idt=308&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=4176581387821&frm=8&ife=1&pv=2&ga_vid=835221116.1661712248&ga_sid=1661712248&ga_hid=1642071236&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069063%2C31069171&oid=2&pvsid=2667368053531293&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rwt1wj7fwepg&fsb=1&dtd=323 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 53E2	0 23 B	176ms 176ms	Image image/gif	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-wLdeLcLY7ueJIaE1AbKmYOwCQAAAAA4AeAEAg&bg=!Dg2lDUnNAAYUOm8VNDo7ACkAdvg8WsBM5ncrx4RXbwBdSlj3gvc2vJskzYDIJH6bxheGGAxVsy_07wIAAABeUgAAAAFoAQeZAv7Ad4d742pYhW0_4jl2cXvtpiKmSx_uqtMrebBIdlfyhJ_M7B0Lrm4OIATLzi4E5aY3ESas3zHFhEke6bqZ1HjluK6658yx5wrSRSVb26pjKX25ky9r7aHHsIGqAyt2LMuwhRUkY2sJljBCvezLQDI8aHBQnwxSDs883Cqlk_rXDxi6RKabDjqYXn2NDkqFO2TL9qhunEGSNZt9uTg4PZveZ0zbIEcFMbY6fG8aBhl6GJdRceelvxmdB0johLMxYMbNMXHaoRKxG6rXQE1Ua9W5uFaQ5dZmgRhV1G9pzRHGZ9Mm0orx8PRJiBdIdrxQbu4Z4YyYLngkFbE4wHj0elYNLbjrJSbPV2CFtfJmAvpm75Drk0GIdTOQyfj3ZYyLoIG5KJVpOu7pRVrA4Bq_gkFxIEiLKquIXpsqOGdK54qzIuA8MDnBeY13BGhi6j1fFHSKWTWJ2CfwoBMWecYzmmQKaxb_g6Y017YCdRQAj7qwsIAE73H1HsbCFe7UVrfhi69-IeTZ9GiWXWjfQXTqVeYo0698d9nqZdbWoowRIdVi9VwLQKDXCfnPyReNPXThkzSLkegQ1r3cRsFJdxXUK5Op6qY4GDCyuyLUgBK7vLU6aTjwWxml-zHmH4bv2_svsv3Uyqlk7d3OzQued5vrsz2LcsYjo6oWOCOaiZtqigxXAx7VshDZYn1vFXJOT3RMS6K-ObMSU0EPoL8chmaGUy0abaV06YahRVXMCqNjx4tuqCSPucHlg1yRu3NrdnrKNXT3H-6J_-P5XFkEBNqu5JgBD9H1eJM0RHSzY_EG7Qc4rz6ZqFQB6hMlZVlNtiD5THL6mr88mCKlmu2uBKganKsc2-AbcZcF4t2EYmIQboJDxKqTAlfphht9V4BISr0P_-nmoso4SuACsfyiQW5SXXLhcFhOEPeiI-o2tt7HMTBRABvvxzEZRmAv9_oNKzV6P9nSBN_fpR_sH7H3DVOE4aduLj6AfshfqEF5h1DA4IX8yy7MYouSOOX7QmG9mIdO Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661712247758&bpp=12&bdt=244&idt=376&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=2283826595779&frm=8&ife=1&pv=2&ga_vid=302359985.1661712248&ga_sid=1661712248&ga_hid=1278427619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069108%2C31062931&oid=2&pvsid=3663156369134320&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ch804211xq6z&fsb=1&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 18:44:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 4EED	0 63 B	474ms 173ms	Ping image/gif	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujbcAPICAO8U-U9uqpmclV19cIlZVVpMvZoJ2wcmzBdPyq-V-WUQZpoKBl4ZKwf1AOduX-2E7ivEl7Yjad1DIHbWjYt9iotaFMHjkwygPpuCwq2F4VKOVGe3TWyfcGxwlwnj3QW0bAXBUxmmKnKqAhEWe1jXXSn4o3HhRAk-guyd6K-k9TtCQT6qTzVYXlIvslg03nRj6eN33l2zEjLfuNJr7YZjj3wzsmxLniUkPFRIYcnnk9YE_f-cntD3lzDi9kmwVA-5TUD9Tvfi05-0S5A33oQDrF230Xm42oxVmeh_TMhGv518DOGn1zB375qbkXRqNd09qaX2WgMjB27kLa_0XMweW66-lrATwYr5xno-KMn2vfVoGbsQwDss9N5szTRUQy5kWk6-WzynKgn-nMJDaBZoyrfmqf14eUjrRAFI6lvtY3ZcINaWAYuq2pNwuHnnDC57J_DUQfpzFSWKB8R5eEqEMo5owS1y7sKtH68wj7yhk1Q8pK423tRTS4_NnJ2UKO583SMeEXdlXTocQEzs11dEd_PBbUBQjpgZzg3dyWx6GPVNBe032y3NUfGfT9IyOCLXAWAyUvPqtsSAcBq1ItiY3BOvjNB-d6P1Xplm53aNubN-ZgioYImNZ3Cw_ZNPv1yHU-261cR_7M3M4IFzHHw7QYpaecMZktmGDCi_G9Cvm2F-HOYd4Jr0jsbNzcUzNlIJdsstzWFt13cs6R_39Ls7vk01MLq4kim7eIqoXFloNdHom5oeV2w9Xvnqk40dYhzr5BNFXvrR6IflNCUWhlpNkMeGj0_eOKaZ05OFHJxlBqYhhx37DaSgh5-Ny2vYUc6PRDiABlJ9LOPbtnQbwFDCcSpRpVA-mslgOz1eY7Hh4CsWbQdEpxIzgR2CV2q4hQk1wJmP_dHfh2vZUa9oABQwA6I2FJKOSw2KOainsbVb8Krj4bnDYvJMLRN8O60FvkT8fgWAQiw8JGeaNlDSmASvgnMTTceL5ZEs231Z-Tn8tpKdiJi30sMnpLUMlEOVGxQCeIqTtzWY5XsDcLq1Y6oTs62grnZLGQnU4YNGYkngPk9U3G0NLTps3f6l41mLVUBb5INqKIFsRRrhk-PNo0Jknu83ZSEwSypAq5tUs2pE6_yJW0cul2cWD8tv_YlOdn3pS3liy0SeH48tfqORm-jASycPd6CZ5_zfQx1Ow6ixtBKQ1R5IUUxe2nq3Yur9bNRGN423lYItRVfFJP49euY516AxZwVMYiQqlmS6NLudMmc8_QbAqw6maNtqvdCNiVyoGOCrKb&sai=AMfl-YSf-8H7PVnopw6Cl4fs_MLbJd2dLVk4eFTxWc22I0RPnTFQAUoa9rZQxwt0278wysP6WSCtj-XyGufNUj_HNEAKdhFhOjprqZUpPOKFrB4tQuJcdkBX66Atplyj_yt6Zhx7c2tLsIHvyK72Lq2MZVtdQg8Jdw&sig=Cg0ArKJSzL8OIY0L4ReUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=908&vt=11&dtpt=907&dett=2&cstd=0&cisv=r20220822.85328&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNdWNXexE4vcR9l5wgCbrFWAPWurtJUnLOye7PTvrS6iX1zPN04DXal5AxMPAUcQ6R-89sehCUBU54VXINrKAyJqkCBA&cry=1&dbm_d=AKAmf-CCJSe55kA1RJHsRGQ7s5a35f5b03syvhWawoHCvS-mFM_XDwC2hzYKfi6qli9W-akWn_F7taT2KXFFJIethHFroJgwMb_WpSDEVtx8F2Q_cZV_N60hlZyWjQup6P-1NEAUXbJ7YOp_iNNyGjpOQZFX6lEEPJFERWYH_-u9-0G0uItbLuO15enN4GRfncsCiqU7NqzY_vC2Pqi3AnBaT_R3zltngSUvJGI5fYHSzW-TX-bF6oQXQ4jPWsJ4m7vr0Vt07af0OgkRHlTET-pHErrhmPfbtdUGZYe3oF80i5hYQUSJ4yMUY4vrH-21806i07-1WVpp5vzAllWd64U1f2X9pr5CQeGq3S--4CWyfuDYO9A97xCWQH2Xygkzh-gllxY6h1DoQcBb1bQhRSQtSk5M-XT-TjYpHoZ7TIzZYiJm5vjRrhIIG1EzLUPnhdfv4xNHV35MrIqCvviwY9IYToWHV_reOhaQhLVJw_vgSCWc8e3dljMWvBfXFvkkFZaRAjQFGSZ0dT1xHn-9_MzfKT5dSxqmGrmsriDNKP3-brahDPjNR-LlV5q7_udilO7sXQbd0cxeuuHEoqbY7oDE8RBwuKy-Zi5AZqExytDz_-amhB5NDfbyoT8GDmmJepSzEThwuaAh2UIMQqJZ3PMFoXnICGKbgMcYjB-BgXXu9Flchv_dDkuYkhxRVwcGICn2019j00t0cizZmNNdVB6QW29KQJj0KWku1CNj9s9SPNz_1Wb1_eIURMrUGvKF_cJIS5q52bYNIJ4w7OBCXAux6WaCAv1LlesSNGieQccTXcV0kYAwmneEuOsBjc2X7uoe-VCAVzxtZ-JJ4bnINHLmmAan1Td8jp5ip5BAYHLZRP6yXqOGp_Pp8rOueupvY230t22XnUQkRnOLBUsCdCVW-64t_326M-cvbJc5-QdPU1DhkYtelnxt5ENNQfbPOCnbl4TGZISRW6_KY2hZBu1VqNW9245I8zNlUROeKhSTjEtj1npReSvle_-U05l4jRlLCTBTt03GELjLg0ZNbXOWXJVZhLCT51JlW-wEBokEiDkfAAbuIQ_gj3iYic6c0Uz0D6sqt9HzKVLVtnZhx14s1BjinQ9619C_js5en7hAzSOycD1moA6Wxmuh3_4PTopOe-S3SjxzmcA3LPKWK2O7Wr1tTMjHFBYYDCsU4vkIgnaQNQR4KJlBhssuaI8EZ63MaSt8LjbmdSy67jiaTd-Syh95YZIWUhkLUeTdONXCAu8CoCglA0e5dvKNee0LBxcweLqez7UguBpUxsb2GcuxQLhF0Rsq3tH2XUrN9-BPNhiEXpD_MtDpDDYDydJnW6ZJxZ_yJno6R6T8mwpPe0UNQ_roW1Oy2ZtkNGfiBjt0una3ExvzSSPlVvjpl0Ale_HRoVgGsAx4b_krb60ZsOCRveESLaJ1GL0V7H6zX4e9PCBSS2BM_RbTj7ulnu0NxhzWsU0sPOXzHqmJSwsWrJFea7xGOgXl_HvH8cYlsI9jxkz3pcLOm8M-23_BGQQAZ2EpMzOsvVwVCn3njXtMMxWUiqu3XAIXW8TWWS235xtRNm-6UBvwLU0yt-ch6uMvBzsLUL0uBU5VAhcQTYGMoYMxm65M_Fanq4LPtj6lnnwi2x-nELnE2IK_JvISmHNvbHtXLZqgoSrVNT-EAGxS88HEh9JowPtXChaNv8zS26J6biLWFOXEt2AovK3CysT3yJ7-EeGi6fHmrDOvzRnIYF0OCqH0oLmNhjGgPhGVp0iXgzkqvlj4zGkPLP-YoXTUT50P2msoXeEOZNAzgwXmPKkHa5Y1SZ1sdK5rLDd3xFu1YRFN1rRCxMhFT1Hq5EuSZaVeb5Xe_H862zSsPFIuL83L4jdZ-dYFcLHkqYXEPneCj1CdDyn17cF8c0pD5mdabJpLB3To3HBJCoyHRBSD-Skha4KVKd3oqtieRCEPAopwEJmuUluJna95dQsowcJlrl4fLpYdeCwq4jZrvWg2k8e0BQxoKSz3DjuK2AOuyaNNPb4mc84eV8OXvFG052rKWX4K7kFFE6TrvaxqB462PMrBZbwIp6dg2nXA4rGilVh9uBfWNq8pWfZVfbhwvogBiAoHw53I2SMXf98ThmT4BRtr5HcJIA9g753Zc6TQw1iO1aGqrT1f-4hXfJnZTP63VBWHwm0xPM-y_RCsAbihNCfcu1RUdvtOZcLm3HJmazImlwk0AI-B4LwDi96K-NgkLJgVMdNn7bH8GJe8Jh1DsidEjxmDJGoJrFpl7hy5u7xVWnxuEgMCAASeg8ibc_zAfqmwB460VzXI30G70pv4AoEsdWFDYEH-zBXqpbslvyQ2f6D_t8ff_rHiletPbEyT4knzM-hSXCt4DtvEKmYVYGRD-aAwA2cpMCXhtfV3pBTAohpAvadIjFaXhgsG4rzTpOw98uPxJflnyY7844bAHajSPa269TYKf7tsk4pxenA9Bv-fWD8NG3KS0Wudbd7e5IOsGzR5BYWwqtODavhgPUcxmNCff5MRPtzaR-qXBxT6wy7maIh7JIknOfAd599FVHQukEcYdsAoU52-pxoDp2lvCKbTe27gdbqKwmJ7elY4DRB2WH7taJa12f8EHeAWy_ymIEM6NcLbEhAQ3qVGopvRm_qbEYjP9HKBCxKlBmHZCqu-pu5ItH-uOQzH8yhbhT3mzMorLPNZ1-Nofu7MpIJEBXEwzHEWthE6zPKsqGUMWcK3d3TlFOs4bK9DuORYE75aH4zB4wq4IJQ4yruhYqStWGzcxIFR9vv6bq32PsiM2f6TL4lKfgBVPoW3sPo8hma62HXmvDXWL6Zm3p7BRnSnuKTZViysjUswAOWGjI9bK7KrCgDTd93r4av0X8r5NSEKzG1PNY5h_WKPnp3WjuMgi36MuS5l8EPAwKmDfXodjWsGrpA8CnaFggm-7LGBbTTTgypYv6BEHOH6BiVqL5TJl_5OZBX8IxZug4mU39o4Awk7RWKObCz0pnVQgSjF9SdRaqsJEs61td9RveRfrzEQ9Dnni2W0Qjdf4rErH6Tq9k9YKvqcHt6Ghdn1sQU-Iid_QNDkPHIm9vCv3E-OUOn6zlOGjZUDZCZHoEab7Uv6cDpaHJaoPhI5obeSYe_Usm0i8kljhlgS-HVEhtksL_zvW2oxTuGd_jSQtbPpwjL1uvksmKqJHr0&cid=CAASEuRoC4C-0ZzhoqCuVTxNmzvN0A&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:09 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 17AD	0 26 B	462ms 175ms	Ping image/gif	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVgrOp0YKfPhmSLVTAaiwQeiOOTefPotrANP5_cClpnxbHuHar-Q4wkjXAd2j_oVLaDAQYoqgtYbXTIhVc8jEuyUPMv8-lbYbIiryYiwyY3Y0pjnim1sRRt-uxEhRGSN2_VbOVrEdQeFSNm98IkjmJ1y5fPZyLMJD-OrIT_ZcLTQVJgqqza-5vuQnqYrtTA8Npuw2ByMqbUgyx_JxbGVROQpABO9kAzHs2a0GBBL4vF8FB8WLv2vaQ8Ahq5sUc04ijlthKiXtr7QYFK0yI-ktEWml24e3Msg0alLf24xRefeXhK8f7h0pDnYa8uTL9yUeQwY6TFyVRMfdJkqDAmlPplD298Ws8GB857lrz2EMI_DF7rpIR7NhGExAj6tO0kEFmweUBxhfe2Kjj4k_DcHIz5cmhm3gzceMvzDxUvyZAlktcsLWBtoM66hK4Rf_3tSs0pz3zmXzmgEWjcgE6kffYyCJv8YVv58sI3AcYZqpHGIE8kuwB8xKM-grXZlqS8nGYtLpi0rx7Vv-ydk1kNdoV00WdQTfcusXhD698qzC58i90AdIofC5BAFLcX1oi5k7Yo0USTiwwdkGlrhIlPrtv-FDsHxaI1BkHNYwd3Y2rqManMXn4iESE9Riv8i_UsoZGnWxktc4mDat8J5YqS9Nwikoh18mrgTNsBDMzto2Etz1BWV9mLdcbGG0NkvznG7r7Ze6lbGYcRoGuw23MoO6FbCitsiCpRap1pshTB8dvclMihgP016z56Sf48woOLw39NMLssL2GmMEBQJdZiFagduFJ2V8prJCh71DY5bG-9Ax0iPp5B6AaDcwq0EJlTM2lX-52A3JyfZmF0zYons61gjDSY1IB-Ez0IE8pQhPFnFCuKG_9Kg7RGUKs6gseHSIQGIcMRxXemOVlY58xmy2tB_fIscvV3O0NUaK0pTujFaaKRa4R_ua4ZLhrcRVXI2Cq8k16G5BT8QoVJjeHchbDFSYSsMPzbgCFtme0gCeVHJmqdzbQlcAOv0jzZjulj6MeJF94CI4sLXLRSQ4Qj0SHoM6VdzdxyV1nT__8BwwQj7Rg4u6pfl13QJzTuAZg0FsLA7XGrQVT0g2dt4Eyi3d7-Tw-7xbQBlImwC1HObbdzIxhJO_Ait-tcKqOaW4WHkiTHM_5v_o2rIuS9QcLUDUUgTX2EyZfDGALXV57nCSCsrBE8PiU36pjXDccCbG8febnHZ_7L6Zl6vmu-Hx4TnG3_jNnrB4rE7Tlu_lfkp8k9L7ziszYYcMr7AMn0QCqv8pAxTMwiNudEho&sai=AMfl-YTGmoSw8bhD1j8DJLab_vCMRbE7c19j5kuQI0_6YLXQGZqgvIrQBJnrkGsyL5dzQfzaEhKLvZuXYGZkeXH59zBmytpJ5R8PTZBvcunYNWUnomE40ahxQD4ONfm_g_F79POI84z_C1zibeanDV1zcZSmwfiv2A&sig=Cg0ArKJSzOjI7ozvnALEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=874&vt=11&dtpt=873&dett=2&cstd=0&cisv=r20220822.97844&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-L4dZ9OiuXu11RyaVUA6wEGwRoRh5zpJaVA5HQY7j5Jxm2jhKtNVqvXKVfKEi54ySdkgpgtWjLS4ZROexuHFKn2NpWg&cry=1&dbm_d=AKAmf-CAkuygV2oaVqsIbItXN7XcBnQ18C_tr5iSQReHlEasG3txOs2O-VN7QFeEJccTbIx6KQAEBxMlzF8koA6ALYHQ8cgh1WSYZumFVDytF1wykg-SOkJmtUxgUWuN7xsR4ywP41vbPCcvoSs8XiPRWv7vvdpLD0PsGdzGtjtO9toeytXQyjzmT1ikv85mr0N7iTTkQu-E2s_ZdG59iks7_sCvyL82AlgJZn78nuL8AoGwOsMjbc4ChRdHFnqBSI59h9AIVoZwjO3r1-xkUPcJDi4E1rMWN9GzESjplQknZQsbsUMLTox77ppsHNQzQYR175GDs4nnj71JSmfxfrIPxJ81JoM10Pr9gL5VMnz9-7gJSC71NXUrkSdqDOFyPy5LlZ5GVtWns7lRUWwGSfGLfBQeXY0fxECJjxImdR3i1tAUfMElrHLlVPhuWfwsA4msF7dTlmh-dH0cfDxLEwOhLVrGm35bIc8aXFrGk1F0-I2u89cCOaThp72JqcXtP18omM1X91bJX2OXtlCQ9yi-oHOu8U0dtEDrIGfCfAM1kyRoPyp4PjQrAyJtry9xBYc-mXA7wwEMuTSNLfCD4vmMIK9C_SjbeloLkk6wD_HO5HaKyIgpdEGWCEH1jnK33l-ZvF4p-9banQ94B8vYFBUE-GCUzDPMwpK-1OMcMIBL5bXTc7cg3G9Kfw3lHLH8uGIb9ASkJ707ZrVgxNS-JVmKB7sbssXljU9KVOZpjsEBYiJvQGiJMxca-aHTFJoZ2qfOIFdAW440XFOxSOE2FFI1xwnT0sinfJgrtoC4rtMDz5HrHcSclCArN52XXZHQuqe-V5y0bjxRAd4sJlEzL8wrGfDAGGR-ryf3fRDHNNEDmjcl0GC22rZGRiVvvqXA91Oj0AbS35K324m6QrfQhZYQ021rkmt8LbQlMJ0mCbtfVYiIAFHzh-dNH31kln3hBit9STbU1-aGoD-lgV7QYr8ZR-s31Dp91-pGnYua33WnJnvPtP6F5URrBXBuJHhlOuwpIE7jn4mb3bi7o9K5Klyx83BQGjU2Xan7wvbHBJGELPn9cVLn_PP3sUTnTkUq9k_CMNWzeUckRDowspNLp-7WYlpR7qUPgvsKClFKwA1VEKyuE30Y4p1gF4xdqxE7iGL7QferUjueRjUFe2QKhUxuiXgDs-eLckONPaiOFHOyZS7d59iA4Zlq9b6IlXJVT55XqPeF7p5IZRLa35WqEbz7cU9krszvcz5t36IhPV1bmybeZd0CtZNcgGr6qoJC87ob0ZbSGdOD3I8hb5Zv5U6mcCyFb5fuhvm6XsHJGW987fL9EAg9KrpWCQ_Wkt3eMiOgsEpz8YyLNeHa6o85JFpnDdTlroZlxorIfQumUqQGLfXYxgiYnwVHjnINE3cGTaZcudQ9_wzWDUXwU7SXjlGQgqu8Moo1DSqCZ2qK-SFHn-P5W96320wh6LO84ppfDDpXWYdRyCNPDKefbxC66tdFpYKEwMeOuqm11evqOq3EM1L16XuBQInuYZAq73o8XxIZTvBsnwwp8laeiRKhC3grgJ8-W2goKRpb3R81KNU_nu4BisUeJDEflXZJFNkFZ_TOmsyD595PZ_GQkDPb4eI9rjaXtwffy6c8Q2an8xpBfrHPNBplZfCRuMsKWmiyRIVpHy50l_r_gaXENrFEVga6ev-yX0QeXBb7sxYr27ZNoCxJ_z5ZhfGNJstXwkcs4cQVk6KGsyfh7_V_8_lf_YeHLHHkpfg-lRr-x2z7sh53_GUT5Mz8oPvpXvSelZKEiY3x8fH5zZJ-Vw2CgwoD5i6dapHvjRFGgSBx4OsdumAW0SAB1APSd6Txc8_o6CFdlmfj7UH7nrvPBQN28RALV27dnO0LMF4K9v39gsyn6BSnvATCIsUxHIjBxrtt6h36sQZ4-12xVsz9nbQx3cVBtAcokjY8mQNkWiaC_eO0ouor5FECmNXjvKSNawywZKzQSssq1ibTWZ52IdFott67vqOga1qrMfcbGQe3GY6NQoWq-8Ki7W4LKjPGFOp3il5oO2yGCou-evTd3wy_KjUMycl4sK5Ofx5BsgrIkgsB74M6qdZ49YfivvQfSBVoloORn1iXGRy-ke9YnMiDRJCM_8UQZVIL2CkgG1grmq8VA9jnYJjZQfldq4PICL08M6NEcEkGFdhb88Dqtr2rMG1azhYcCHLn9cKpkP0UVza9zjD0Ww9_wcGRtRrsqdZdYc606_RTzeUw9jE1X0d57dCTo9pdthqwTfaZbwNXYBz_7WejC1KTyH3MtWnO6bna2lDgEEsD1kyRB4yB2upkHzgCpcKLdjTV1ZclB9ZuLnLpayU1TZ1YSYpPhAjMSsX5fPYTJ3WUuu1Q6Fhwhpkk9yKz4rDZgx5yisaAA_bnD7vcNISTk9yBGloxB-WFF4lpQH2Jx-4tHt7vQwNB-wTyUWpyZTAUYVDYGtsdpGufMhp8G2vcu0ZeE0wQM20I_mVRcIySpR1IPvODdmhETdxuSZDB7B3Y0r3WCJ3ThjNOigOJX8mphGHAowtdRaOsQDHYhqJn_x-L2ZaWjtfz5z9YSr7-_HNtw1AfBR0xHP9wxiKPFbb5YTlsXfuFF1uAphVW8Mxpz51t2r9B2ttfE6gECKKQJt1VklKuvLFICxA90Oil7vrhK8ahccBvyKGvB86fsuIgSmW40y_1cEjX9qQhPm4hGmX9DEyBd4SzLZCUVFoh9Fx4RikN1-4dF84buBeMysDCx3Up_6wl3PK1eiX2iv7hYx8kApZNMihaaDmnCCTi6_gThEM7dqA3vqPoGIQiwBeoMynblPytYq3x0J_kn8Rl2WNEx17Bnz4e4wkwk5YzDGkexl_k1ONtGS4nOVC8ryEM9f4H-QG4wnkOz1WefCGYT8dZgLYONmW4_PmlfSsjwQrR_EMtyz5a57VGRyss6ORRb_rjTIlHghAbELLNgIWu1gi_eMVWXzQZpWsuXHdJaAYvlQM1z3Up6iLHkaWqlt4Kyy1cRzmMEN9sI2SQJ0UgxWwR8CL7zwYiv5olI7xuSpjLNAt-SOR-9xUFvIaHKten5jyTUDVry6De69jlw77edox8-5cVaWwZnWFlRD4wCp_n5yDVMKRn7RRiWumTNurG5COYGYWLXBUa58zMU1IEVWnS3Xj4y4qMdEC-D2D7f7BWg5jnmU_JcIA&cid=CAASEuRoOU1ZtqLmle-0iyt6y1cH6Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:09 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 0F07	0 0	176ms 176ms	Image text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082302&jk=816637484102105&bg=!1tWl1ZHNAAYUOm8VNDo7ACkAdvg8WqzbaRTAnTwuFQFHP1C00kNkuo81865IBNrst42fy0sqyUMD-QIAAACJUgAAAAJoAQcKAKTzJ93Ys6eaTZjoOeFf-1WEdWywIrDljYij_YOVjKvpryl88aD8orzlxn9lrD9JLY9PfBGRfNq7Uki-neG7pVBqU-7DNOthoouPdmo94aYbvsg52-Yx_sYiAFV78mnIYY12I5ZkRr_fCBs9sGjHTF2BtVWA0Z8L-x-cXw0Q3naVKX54U60ZZNpOgW_XNN04Z7IXdNRCmQU47HfhaTiupX728UggtpkCsoVs-BM9OiXbSFFvb6SLChzRbT80vU0F2VeP7a0NdTlHbcoEgVlaACXVRctjLBZojYnPciRiRfazvznyf7LVUpFK1FGENRuvPis6YUvi9biWd4Ce-z4mIL_z2Y_ZqbGMo8Y2ghMIRH3-eqmJN-XgH-lthcB4pbwCg7rwZFloEIMcZPr7rJgATlPz-1EwI4o6Wal7z64pbmsNmgXSQE03o2MToBjZPdctP2wL3-t9OAuZZBxTOIAc3aRf-rFv5J5lqcuAbs_vD5e_5wFqDWnaPG_DIAZ8yLzpyyRp-VvefeSozKuueIlMxFLtTyrLwO4uloagKqMFcd0XNtpzoUTGc980y1Shi7wNyEn7ULyeTbu51TBGC4pR4up3krXF_ipwjT991ZJijr_aci7YICQsHhzeTFqmBp-NvNOwwinvfV_-QzWQAdXCxCR7plc-jBhqDGYbTtnTGdrXTjDBlCBgvYqJwgGATP6YMDdPNZ6bhQnlhCh8R7GFTzXrrKexuzUuxTvnIpbZLjE89jvFRpaDyFmjSHq7COrfnI8V9uGRN7aVhfU5eFXEPPEKV411QtCaMnFPBejGiUPAnmQ_KxMDc8rpAs5eJgGGW66RRoFeAlQziOKaY7jpiLFVO1Dw37GvkG29SkHUmJNITwOqXgAUQ8IuXwoXLYNX6JLvYm0c_NCGiJl8MAPGUhbKyLTZI5Fy_dN_udjckK9pU7wqvP7RAhvIuzC_AVdUz3PpFyPIPBrW7PaH7e2n5nNZWWCngMRK9IHgppDw4SfMLm5glV3bRjNAzAzIjqDSG7ZRdwNNzfj2_7-HcCvQ6GIDw7EHfK6wZ_pwp3NXX4lzLtXpqOJx9ADiRa5HCMksUDKiyf-FMMi5fQFBBFfwkFuxXnT9SPXVXAQIVw4Tt0iiFkQB8Q5KNE4wdQ Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 9C78	0 0	177ms 177ms	Image text/html	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=1861024363498360&bg=!39yl3JjNAAYUOm8VNDo7ACkAdvg8WgOPzSnqEg3pGHkZXaDJEOuz3y-XY6Ilr97J4RAlWnqiaFuL2wIAAACAUgAAAAJoAQcKAAQ_Hku7mQK8RZ6BQGS1lH-MpFU0t0nlhuXjGqE8Kl9Yt3eNebTosLwsRzAwk9QxjpG35jd3u665QZtK2OdfypS3viiC1_PWVTBQV5-qT5OGeD9czBPpbHAuhzBKEB-czgSOTZB8TK5gEsqFGxsrGXhMMzeAOdXXHmZrPw43bCHY32WlIoIgxxadYBY3kXKpvcGCWu-to-uRYbXpXZitvOsDeGGikKdUuAATBXt2vWFUgKhgbH5o4yp_PiOG9lzaP0kh0wZZOtxwwNt4_D5CgfXsm04bkhC9I-Xm77ZHgEeXJO8R05rkdqN336XS2hZ6ZTvxG_xo_XCLfYaeG7inW_FjL7rsiFBkUc7XhBRZHgehVH8_RJ7ZUlMwNcY1AU7esGdLdB6sb7MyYkG3CFzfMt53L-D3O8MuzVrOuRGsVZb8ZsBLrmlkgR7tdP5fbyM0X7wU19Ui-8_Ur91tewkklyV_s1HW-MvLxEst_i1CnG5vZUC60TXFHl_P01dvMNhYec4vhYXljVUhgN3iVg0RzpHrLPXEd0VDBzUCcSyssnAxs7cmDRqbH6hw-NH4NLPET3sHMWkGOJqxY2yRl0r9OSvoOfmG1tLiX2EP841jRUIWqO1TzhqgBSnnC9rdLi38AVreUOT9eNUxb-Wtt9Wjz5PuInKbHjDbYxyG7Su9gdD1c3lvy6VTJAGp0LQsQR1XbBdTDmTEWQ8Sb376fLoXPOA43XVocak8v9FGNZP4DVj3Jl2Mi__DIKLxLa5Re4NTwAt-smEPyxTDh8GZvkym56ipmPUdIXBIBipV1naI24rGQIoK9eTESrwxgkijZOcEdGSTONE7i1YELeI-yHUW0Dalonk9kPx_g2FlYCozbh-VRDF1Xi2B86Uxzks6-RZlJ7nF-xxRTH0e3WjNY6aCuN6YpvQp2DErgElCLuZGhu5CWJjq9w Requested by Host: www.bg3.co URL: https://www.bg3.co/a/zheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET		visit.js tps.doubleverify.com/ Frame 2F6A	0 0
GET		visit.js tps.doubleverify.com/ Frame 03EA	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	202 KB 72 KB	472ms 170ms	Script application/javascript	142.251.12.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1 Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/linkPreview.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f97.1e100.net Software Google Tag Manager / Resource Hash c3c06600255ccfcc7fa9259a49be1c7e501aa3bd66ab8002b08e017e04188460 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:10 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 73125 x-xss-protection 0 expires Sun, 28 Aug 2022 18:44:10 GMT
POST H2	204	log aplogger.adpushup.com/	0 53 B	219ms 219ms	Ping text/plain	104.211.156.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aplogger.adpushup.com/log?event=glimpse_pageVisited&data=eyJzZXNzaW9uSWQiOiI1ODgyMDZfMTY2MTcxMjI0ODY1NSIsInVzZXJJZCI6Ijg3MDIwOV8xNjYxNzEyMjQ4NjU1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMTc1Njk1XzE2NjE3MTIyNDg2NTUiLCJwYWdlUGF0aCI6IiUyRmElMkZ6aGVuZy1tZWktY2FuLXh1YW4tcmVuLWJhaS1wYWktamlhby14dWUtemFvLXBpLW1haS1yb3UtbGlhbmctcmVuLXh1ZS1saS1wdS1ndWFuZy1zaHVpLXd1LWh1YS1udS14aW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGemhlbmctbWVpLWNhbi14dWFuLXJlbi1iYWktcGFpLWppYW8teHVlLXphby1waS1tYWktcm91LWxpYW5nLXJlbi14dWUtbGktcHUtZ3Vhbmctc2h1aS13dS1odWEtbnUteGluZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2MTcxMjI1MDA1NX0= Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/42753/linkPreview.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Aug 2022 18:44:10 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	css2 fonts.googleapis.com/	3 KB 1011 B	519ms 176ms	Stylesheet text/css	142.251.10.95
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.95 -, , ASN (), Reverse DNS Software ESF / Resource Hash 3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 28 Aug 2022 18:44:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 28 Aug 2022 18:44:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 28 Aug 2022 18:44:10 GMT
GET H3	200	integrator.js Show response adservice.google.com.au/adsid/	107 B 122 B	175ms 174ms	Script application/javascript	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	171ms 171ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.bg3.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 28 Aug 2022 18:44:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET		ads securepubads.g.doubleclick.net/gampad/	0 0
GET H2	200	container.html Show response ca296501534fd635b53bdb698029e686.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F3B7	6 KB 3 KB	179ms 175ms	Document text/html	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ca296501534fd635b53bdb698029e686.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bg3.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 18:44:10 GMT expires Mon, 28 Aug 2023 18:44:10 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		publishertag.prebid.117.js static.criteo.net/js/ld/	0 0
POST		collect www.google-analytics.com/g/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hb-api.omnitagjs.com

URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F

Domain

b1sync.zemanta.com

URL

https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

Domain

an.yandex.ru

URL

https://an.yandex.ru/resource/spacer.gif

Domain

tps.doubleverify.com

URL

https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=592&ttfrms=27&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau&srcurlD=2&aUrlD=0&ssl=https:&dfs=566&ddur=533&uid=1661712249775787&jsCallback=dvCallback_1661712249775565&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=2986&tgjsver=2986&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14006-1%26adk%3D3314916115%26adf%3D3653020617%26pi%3Dt.ma~as.3006%252F14006-1%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1661712247734%26bpp%3D13%26bdt%3D215%26idt%3D308%26shv%3Dr20220822%26mjsv%3Dm202208240101%26ptt%3D5%26saldr%3Dsa%26correlator%3D4176581387821%26frm%3D8%26ife%3D1%26pv%3D2%26ga_vid%3D835221116.1661712248%26ga_sid%3D1661712248%26ga_hid%3D1642071236%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D336%26ish%3D280%26ifk%3D3719853736%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C31069063%252C31069171%26oid%3D2%26pvsid%3D2667368053531293%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.rwt1wj7fwepg%26fsb%3D1%26dtd%3D323&fcifrms=5&brh=2&sdf=2&dvp_epl=309&noc=4&nav_pltfrm=Win32&ctx=26261893&cmp=28204324&sid=8207291&plc=342690157&crt=175564220&btreg=534647659&btadsrv=doubleclick&adsrv=1&advid=12197087&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=17737512988.660946&dvp_tukv=2454570801.1867685&dvp_uuid=458540736530.03564&dvp_strhd=0.3999977111816406&dvpx_strhd=0.3999977111816406&dvp_tuid=720485506496

Domain

tps.doubleverify.com

URL

https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=695&ttfrms=9&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau&srcurlD=2&aUrlD=0&ssl=https:&dfs=563&ddur=517&uid=1661712249933237&jsCallback=dvCallback_1661712249933781&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=2986&tgjsver=2986&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14006-1%26adk%3D3314916115%26adf%3D3653020616%26pi%3Dt.ma~as.3006%252F14006-1%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1661712247758%26bpp%3D12%26bdt%3D244%26idt%3D376%26shv%3Dr20220822%26mjsv%3Dm202208220101%26ptt%3D5%26saldr%3Dsa%26correlator%3D2283826595779%26frm%3D8%26ife%3D1%26pv%3D2%26ga_vid%3D302359985.1661712248%26ga_sid%3D1661712248%26ga_hid%3D1278427619%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D336%26ish%3D280%26ifk%3D3719853736%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759875%252C44759926%252C44759837%252C31069108%252C31062931%26oid%3D2%26pvsid%3D3663156369134320%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.ch804211xq6z%26fsb%3D1%26dtd%3D391&fcifrms=5&brh=2&sdf=2&dvp_epl=309&noc=4&nav_pltfrm=Win32&ctx=26261893&cmp=28204324&sid=8207291&plc=342690157&crt=175564220&btreg=534647659&btadsrv=doubleclick&adsrv=1&advid=12197087&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=497571279819.65326&dvp_tukv=80467376151.51833&dvp_uuid=2680810676.638241&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=56895876301

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3694554979180267&correlator=914580409854680&eid=31068458%2C31068919&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D82811b1bbc202fb%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D835d4f57cc063ca%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84ed0cd262b1e05%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue%26link_preview%3DnoPreviewPage%26link_preview_custom%3DnoPreviewPage-DESKTOP-NEW&sc=1&cookie=ID%3Dec40249b41a3bdef-226e88d50ad60079%3AT%3D1661712247%3ART%3D1661712247%3AS%3DALNI_MZyR3IvN8nMGo9MwhnWJXyOPc8hEg&gpic=UID%3D0000092e6c00447f%3AT%3D1661712247%3ART%3D1661712247%3AS%3DALNI_MYLnVeu0Y7N_5PP8kT6LUyEW8R7ww&arp=1&abxe=1&dt=1661712250385&lmt=1661712250&dlt=1661712243439&idt=4173&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=970054856.1661712250&ga_sid=1661712250&ga_hid=873&ga_fc=false&ga_cid=amp-JiCQ5zinqqxk-NJ_PmvHyQ

Domain

static.criteo.net

URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8o0&_p=873&cid=970054856.1661712250&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661712250&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzheng-mei-can-xuan-ren-bai-pai-jiao-xue-zao-pi-mai-rou-liang-ren-xue-li-pu-guang-shui-wu-hua-nu-xing.html&dt=%E6%AD%A3%E5%A6%B9%E5%8F%83%E9%81%B8%E4%BA%BA%E3%80%8C%E6%93%BA%E6%8B%8D%E6%95%99%E5%AD%B8%E3%80%8D%E9%81%AD%E6%89%B9%E8%B3%A3%E8%82%89%EF%BC%81%E9%A9%9A%E4%BA%BA%E5%AD%B8%E6%AD%B7%E6%9B%9D%E5%85%89%EF%BC%9A%E8%AA%B0%E7%89%A9%E5%8C%96%E5%A5%B3%E6%80%A7%EF%BC%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview_to_pub_ga_failed_unique&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753