urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Submission: On August 23 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 45 domains to perform 254 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
10 172.253.118.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
27 172.67.72.16 13335 (CLOUDFLAR...)
3 64.120.88.131 133752 (LEASEWEB-...)
42 74.125.68.156 15169 (GOOGLE)
8 74.125.24.157 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
2 26 142.251.10.157 15169 (GOOGLE)
2 142.251.12.100 15169 (GOOGLE)
2 172.217.194.155 15169 (GOOGLE)
3 142.251.12.154 15169 (GOOGLE)
2 52.84.251.123 16509 (AMAZON-02)
6 13.76.45.37 8075 (MICROSOFT...)
7 142.251.10.132 15169 (GOOGLE)
3 103.229.10.247 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 54.251.169.230 16509 (AMAZON-02)
1 6 34.98.64.218 15169 (GOOGLE)
2 6 104.18.19.126 13335 (CLOUDFLAR...)
1 52.212.135.106 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
1 34.107.148.139 15169 (GOOGLE)
1 51.79.234.100 16276 (OVH)
3 52.193.82.11 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 3 104.254.151.69 29990 (ASN-APPNEX)
1 23.195.153.54 16625 (AKAMAI-AS)
1 145.40.89.200 54825 (PACKET)
1 13.227.254.11 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
26 142.250.4.132 15169 (GOOGLE)
8 142.251.12.99 15169 (GOOGLE)
2 74.125.200.154 15169 (GOOGLE)
5 18 142.251.12.157 15169 (GOOGLE)
8 74.125.24.148 ()
1 2 23.54.57.83 ()
1 1 151.101.66.49 ()
1 1 13.107.42.14 ()
2 2 13.227.254.74 ()
1 1 174.137.133.49 ()
2 2 13.227.254.51 ()
1 159.203.145.121 ()
1 1 150.95.47.241 ()
1 1 18.180.74.207 ()
2 172.217.194.156 ()
254 45
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
10    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
cdn.ampproject.org
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
27    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
42    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
pagead2.googlesyndication.com
8    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-9087918963970341420.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
26    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
adservice.google.com.au
2    142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net
www.google-analytics.com
2    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
partner.googleadservices.com
3    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
adservice.google.com.au
2    52.84.251.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-123.sin5.r.cloudfront.net
adx.holmesmind.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
7    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com
fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com
3    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    54.251.169.230 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-169-230.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
6    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
1    52.212.135.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
3    52.193.82.11 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    13.227.254.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-11.sin52.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
26    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
8    142.251.12.99 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f99.1e100.net
www.google.com
2    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
www.googletagservices.com
18    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
cm.g.doubleclick.net
8    74.125.24.148 (None, )

ASN- ()
s0.2mdn.net
2    23.54.57.83 (None, )

ASN- ()
sync.teads.tv
1    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    13.227.254.74 (None, )

ASN- ()
cr-p1.ladsp.com
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
2    13.227.254.51 (None, )

ASN- ()
s.ad.smaato.net
1    159.203.145.121 (None, )

ASN- ()
cs.chocolateplatform.com
1    150.95.47.241 (None, )

ASN- ()
sync.dsp.reemo-ad.jp
1    18.180.74.207 (None, )

ASN- ()
ds.uncn.jp
2    172.217.194.156 (None, )

ASN- ()
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
75 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com
fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com
681 KB
42 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net
883 KB
28 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
217 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
6 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
e3.adpushup.com — Cisco Umbrella Rank: 17352
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
231 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
217 KB
8 2mdn.net
s0.2mdn.net
100 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
2 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
5 KB
6 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
us-u.openx.net — Cisco Umbrella Rank: 399
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
sync.teads.tv
767 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
12 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
cms.quantserve.com
10 KB
2 smaato.net
s.ad.smaato.net
1 KB
2 ladsp.com
cr-p1.ladsp.com
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
87 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
1009 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 uncn.jp
ds.uncn.jp
555 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp
394 B
1 chocolateplatform.com
cs.chocolateplatform.com
68 B
1 adkernel.com
dsp.adkernel.com
582 B
1 linkedin.com
px.ads.linkedin.com
737 B
1 everesttech.net
sync-tm.everesttech.net
571 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
634 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
838 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
407 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
918 B
1 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
212 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
635 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
504 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-9087918963970341420.ampproject.net
0 criteo.net Failed
static.criteo.net Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 dyntrk.com Failed
c.eu1.dyntrk.com Failed
0 adxpremium.services Failed
rtb.adxpremium.services Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
254 45
Domain Requested by
42 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
27 static.bg3.co www.bg3.co
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
tpc.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
www.bg3.co
18 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
adx.holmesmind.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
8 s0.2mdn.net www.bg3.co
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
s0.2mdn.net
8 www.google.com 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
tpc.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
www.bg3.co
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
6 e3.adpushup.com www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ib.adnxs.com 1 redirects cdn.adpushup.com
googleads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 googleads4.g.doubleclick.net www.bg3.co
2 s.ad.smaato.net 2 redirects
2 cr-p1.ladsp.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 us-u.openx.net 1 redirects googleads.g.doubleclick.net
2 www.googletagservices.com 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
2 aplogger.adpushup.com cdn.adpushup.com
2 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ds.uncn.jp 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 cms.quantserve.com 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
1 cs.chocolateplatform.com 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 prebid.a-mo.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 onetag-sys.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-9087918963970341420.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 static.criteo.net Failed cdn.adpushup.com
0 sync-dsp.ad-m.asia Failed 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
0 c.eu1.dyntrk.com Failed 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
0 rtb.adxpremium.services Failed cdn.adpushup.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
254 65

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.a-mo.net
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-06-28 -
2022-09-26		 3 months crt.sh

This page contains 35 frames:

Primary Page: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Frame ID: 6A0612F8A70BE67E0E8809A311955E30
Requests: 101 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1ADB0D29BE5CF3E1403F0F6FD02F0A3A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DDD5EF0F9D32A02B0063F14686517601
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3B2ABC9A67016D792EE1B8D95598612A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0BE0CAB6BBCACD64ADEE3DFE9CA7E6E4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35145776884032344715&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3417&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=4799006532&ga_cid=amp-0QPszocIMwd47-UbL9n9Zw&ga_hid=6532&dt=1661291902527&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&bdt=2241&dtd=426&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 30532C5802370666FA54BB1A921A4353
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Frame ID: 01DA9E83007D9BE16AE9E7BC9A8FEDBD
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Frame ID: F6A975B3182EE72753187F82B127408A
Requests: 9 HTTP requests in this frame

Frame: https://12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 10AEF796406D05EB88AB2DC35FC8FD76
Requests: 1 HTTP requests in this frame

Frame: https://fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 48243BE9635F118F49C9929BDC1C4210
Requests: 1 HTTP requests in this frame

Frame: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: E40B7ABF498FEA4B0E70238AA5636EB2
Requests: 1 HTTP requests in this frame

Frame: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: CEA3523C7B0AB7DA526A31C03959E245
Requests: 1 HTTP requests in this frame

Frame: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 4263935003A94CA8339A573E5B99125D
Requests: 13 HTTP requests in this frame

Frame: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: B3030CA67B6EC86C04416323EE3780B7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUrl3EKGB2M6KgDhKlnXs1vYU8t9ljSygZPlQ1Pd615aBlFLdg6ilXI_WLEze_EDfUbh13MrC6HYpmAEUAgHTn4kKlXjg
Frame ID: B53082F894A7EF4210D2A27543227A69
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78F78D3F8129E7C448C7341D2362A391
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5E0B7E63C26AC6A8BF33FDE66E840E5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D788508AA54DA5FD4588DD85D7BAACF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7990489F9681A77F112B9D85CADE048F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUPFKsUYcM9yZmyYSsRsr6E7VyFB5YaXWQphA1f5TQeGir9lN8d5aFsF6-wLRCAZaiuKIlTN5rN8oKSQj3uVZGuKJN5-A
Frame ID: A88182ED93B5E60D2694A2BCDEFD0490
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2767CAF9FBCD4DC461CED5C577D82915
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86227459ABED157D8C159842D6A5B79C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 526CBEE70AD624B21B94E6B39A781D5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C43564B36338D3F2F47FA2FF82EDF874
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DD34BD7D64475ECA062EE0404499A53
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE5754EE5C88348FED3060A4E6238456
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01AFC3C5271E451209FAF34F1335FF52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7DD9E9AB1CA0FAD3F66B583B7F313D7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 487F094859A080F83E5A385ECA7CCD51
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 640F526B4FCFF0FE5C701E04D9467E46
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5071C598F18ED04222117D42F4CCCE3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CFA4352F1DAAECC23099B13F0775392
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Frame ID: E64E36F61627D37F7FCDF32C98004DFD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Frame ID: E3C8D83DFF3DED77261DA10A974F2D7B
Requests: 3 HTTP requests in this frame

Frame: https://1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DE26142467A5B68970A7FDEE60EC608
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

會心亮了 天龍八部全服第一天龍拉風哥屬性曝光 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

254
Requests

90 %
HTTPS

0 %
IPv6

45
Domains

65
Subdomains

45
IPs

7
Countries

2651 kB
Transfer

7477 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 69
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661291902902&bpp=12&bdt=1547&idt=515&shv=r20220818&mjsv=m202208170101&ptt=5&saldr=sa&correlator=602708225872&frm=23&ife=1&pv=2&ga_vid=1211862000.1661291903&ga_sid=1661291903&ga_hid=1941779043&ga_fc=0&ga_cid=amp-0QPszocIMwd47-UbL9n9Zw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1041&biw=1600&bih=1200&isw=336&ish=280&ifk=554610593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069029&oid=2&pvsid=1485909513997323&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z1dm33s24dz5&fsb=1&dtd=531 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Request Chain 74
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661291902981&bpp=11&bdt=1640&idt=557&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&correlator=602708225872&frm=23&ife=1&pv=1&ga_vid=1096700308.1661291904&ga_sid=1661291904&ga_hid=1698185836&ga_fc=0&ga_cid=amp-0QPszocIMwd47-UbL9n9Zw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1602387620&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3748902789826819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mgasc8wzljl&fsb=1&dtd=571 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
Request Chain 167
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwVNgsAPPFP6JIPwNgPsQgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKWOJIBLzC-BTLjS-ndmNb8&google_cver=1
Request Chain 169
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2MTkyMjYwNTc4OTA4ODQ0OA%3D%3D
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaEQHOuqaZw7dHE6ZSfdjs&google_cver=1
Request Chain 180
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE3Y2VlNzAtMWNhYi0yODU1LWRhZDMtNzk0N2M3M2M1ZDdi
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGVsGxXrphLBAfYTiiJlsYM&google_cver=1
Request Chain 182
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQzNzNiZGMtODkwYi00NzlmLTljZmItNTYyY2JmMjBiZDUw
Request Chain 201
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHciA4YWhjmbDkplYlRHaOE&google_cver=1&google_push=AehlK4ACN8rOFAzQ0vvEdj34psXY7JftDDUdafRzVDKO4aN84OJ6UHz_XobGSAflK8xd5Y0IiSHJZWcKwuorakMXmc6OM187-aiBEVe1cGrjI1_1F_tJADTV3LynZOHVnncxdDFyv2cuXrLf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHciA4YWhjmbDkplYlRHaOE&google_push=AehlK4ACN8rOFAzQ0vvEdj34psXY7JftDDUdafRzVDKO4aN84OJ6UHz_XobGSAflK8xd5Y0IiSHJZWcKwuorakMXmc6OM187-aiBEVe1cGrjI1_1F_tJADTV3LynZOHVnncxdDFyv2cuXrLf
Request Chain 202
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIab4vA01WskVyk-7LZmOnw&google_cver=1&google_push=AehlK4CGWIcxGwMo5wEkxquUghrheaXT5cECS6OKd_598dLu81G7lhLo4YEq38-Vinm4KTSjCp3zwe0ZVIgQEQh4sIpCmLJnAcPsShS_IIFO0A3y2qitF_Tlp5aP8A9ajFuzprSjgWbCylkL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4CGWIcxGwMo5wEkxquUghrheaXT5cECS6OKd_598dLu81G7lhLo4YEq38-Vinm4KTSjCp3zwe0ZVIgQEQh4sIpCmLJnAcPsShS_IIFO0A3y2qitF_Tlp5aP8A9ajFuzprSjgWbCylkL
Request Chain 203
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2XwvvhCG9l&google_gid=CAESEF4gcTmtpHVtn_7SF6lF3Qo&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2XwvvhCG9l&google_gid=CAESEF4gcTmtpHVtn_7SF6lF3Qo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2XwvvhCG9l&google_hm=AWlEEL3KeaB4ks8ADsWuCls51MA
Request Chain 205
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIlRx4KreNDZSJeZVrfzf9A&google_cver=1&google_push=AehlK4Cosx2SM31HT53h-MrQt3jAqD70uvxBMULBWaiBQ1rOzpBf5lqpYHHAXxVSzmOR2siJlSNCjgjlsh0uA8H1EYOGP9Uihau0mwaP8cc_dQwCtgR0eluGEYrQq9tO1deBfIDMj--8gFry HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4MjIwODM0MzQyMDczMTIxMQ&google_push=AehlK4Cosx2SM31HT53h-MrQt3jAqD70uvxBMULBWaiBQ1rOzpBf5lqpYHHAXxVSzmOR2siJlSNCjgjlsh0uA8H1EYOGP9Uihau0mwaP8cc_dQwCtgR0eluGEYrQq9tO1deBfIDMj--8gFry
Request Chain 206
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELGX0i5Tr8Gmwkrhxr8Tofg&google_cver=1&google_push=AehlK4AYkCdxUuP0zCS5G5I5WsKOicGcGnYMOek2pdgAUR17i5UiPn4ukfj9WqmMKUtTFQnUfjeBGiAhP0uAF6m5qZz-qnej_gh6nUertwNl7_cd0gddzaXW3BN90qyeytqLTp_cVyrosQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4AYkCdxUuP0zCS5G5I5WsKOicGcGnYMOek2pdgAUR17i5UiPn4ukfj9WqmMKUtTFQnUfjeBGiAhP0uAF6m5qZz-qnej_gh6nUertwNl7_cd0gddzaXW3BN90qyeytqLTp_cVyrosQQ
Request Chain 218
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENU3vzepk5TL5OBo5XtZoEo&google_cver=1&google_push=AehlK4DZkjo62O9R8HJCnGDD2j-jBQYHy5rfT9DyPdmgUaNipD27slcMOTjSlLjrmleOdUX95OClHTNCYx1koelXc_Y1D-jhSW8WvkaBBqK_ZdJvb8maEq7qHQwvEZ_YUW3OHrtS4VNIaTA HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENU3vzepk5TL5OBo5XtZoEo&google_cver=1&google_push=AehlK4DZkjo62O9R8HJCnGDD2j-jBQYHy5rfT9DyPdmgUaNipD27slcMOTjSlLjrmleOdUX95OClHTNCYx1koelXc_Y1D-jhSW8WvkaBBqK_ZdJvb8maEq7qHQwvEZ_YUW3OHrtS4VNIaTA&prevuid=05030002_63054d83cc400&knw=
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL3BPutYp642Y-Fftor7zeo&google_cver=1&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bcem5SBZv0YydRP_RV5buWW4--tAiYAR2nWvjKppEM7ubqm5h22faQjlzG7o HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL3BPutYp642Y-Fftor7zeo&google_cver=1&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bcem5SBZv0YydRP_RV5buWW4--tAiYAR2nWvjKppEM7ubqm5h22faQjlzG7o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bcem5SBZv0YydRP_RV5buWW4--tAiYAR2nWvjKppEM7ubqm5h22faQjlzG7o&google_hm=9_MQRL3jSIWawiMxHQHmPA==
Request Chain 220
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG9FFo8aJ1ZoPcyyEh8O4Bg&google_cver=1&google_push=AehlK4A0ZDSOrY_EYoiSg6npNn0BWjWKPuoF1yrPREEXfmwpb_BL3pceJ5saBN6G9biZJpW5d365EZ-Aq1AtjyGy2ROkWAvN_Ld1DgIA6cKVtN4YID8XIoQLI3HqC3t0Z0sjXMeyfTVwLmQ HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG9FFo8aJ1ZoPcyyEh8O4Bg&google_cver=1&google_push=AehlK4A0ZDSOrY_EYoiSg6npNn0BWjWKPuoF1yrPREEXfmwpb_BL3pceJ5saBN6G9biZJpW5d365EZ-Aq1AtjyGy2ROkWAvN_Ld1DgIA6cKVtN4YID8XIoQLI3HqC3t0Z0sjXMeyfTVwLmQ&uid-set=1
Request Chain 221
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELGX0i5Tr8Gmwkrhxr8Tofg&google_cver=1&google_push=AehlK4D-Sxwr2UdriOEsf5ntfUv6WabmPQ1M1rDaN5P1d_RZnpYgt0xJ4-EUVByjNrMEHqRLqSFTvyjK_vOvmrhGoBEQ0LDwrhcAlfK-gmMKLDa3YK_7oaT0SMR_rIJ0_jn_s1GukzZ19j8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4D-Sxwr2UdriOEsf5ntfUv6WabmPQ1M1rDaN5P1d_RZnpYgt0xJ4-EUVByjNrMEHqRLqSFTvyjK_vOvmrhGoBEQ0LDwrhcAlfK-gmMKLDa3YK_7oaT0SMR_rIJ0_jn_s1GukzZ19j8
Request Chain 222
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENEVQTsvt4_wYZ9Nw1NrlQ8&google_cver=1&google_push=AehlK4DV1f-TxBY2SwDSuqC6xIMguY2tlymwmw6PAmQSbUCRcNFnNSLwJ8TwBpm3lxAVhl1GBR_vYPG9JGsy3mEaI_XbQ-uWMNTiGltpK_4jJCQkdJpV7dRcSIFVg-CK3guGEoloL0P3XAs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4DV1f-TxBY2SwDSuqC6xIMguY2tlymwmw6PAmQSbUCRcNFnNSLwJ8TwBpm3lxAVhl1GBR_vYPG9JGsy3mEaI_XbQ-uWMNTiGltpK_4jJCQkdJpV7dRcSIFVg-CK3guGEoloL0P3XAs
Request Chain 223
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEJ6gzLEa22di1UFfViXW3xA&google_cver=1&google_push=AehlK4CWseFjsZZ1Y09sec39npLrbekQmArFf_A3R0yvnFL_vegU-sIoZuzLCPtuB5h8GRoB1iuWGGHCFKtbd8dN64Ike5xGk41_Cj7ccWCpgxffaroYnbh77xl6ZyMs0v2DuL4w0VikT5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CWseFjsZZ1Y09sec39npLrbekQmArFf_A3R0yvnFL_vegU-sIoZuzLCPtuB5h8GRoB1iuWGGHCFKtbd8dN64Ike5xGk41_Cj7ccWCpgxffaroYnbh77xl6ZyMs0v2DuL4w0VikT5g&google_hm=AUhwijbgmUyqpWrNawWBt0s

254 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
www.bg3.co/a/ 		46 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4fd3ab1a412b387025e18aa93b83ebc2566e9b3b2b4d2bb8ed1b18ab27f3f52e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Aug 2022 21:58:20 GMT
ETag
"b632-KPE0Q4K+nYSlYFEqhiK/hMtle24"
Expires
Tue, 23 Aug 2022 22:58:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 21:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 21:58:20 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 21:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 21:58:20 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 21:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 21:58:20 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 21:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 21:58:20 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoTacfeBxJZLkASKIgUBtAXpN8jkpToZjAqRlh%2BL0ri1SO5scTyX8vzET%2BFvI6Wx%2BXKl5AlVsZcfyu%2Bw2KwRZxZRIRe22PBoWQA8%2FS2IUQIwUmB2VDFuhDITU63U1qg56Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73f71bee5cd2a837-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:21 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 07:00:18 GMT
server
nginx/1.18.0
etag
W/"63047b02-8ea7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
9533
expires
Tue, 23 Aug 2022 22:58:21 GMT
adpushup.js
cdn.adpushup.com/42753/ 		514 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
437e99bde68c21cc1308d8b043c4d35b7a9140b1f0fb355b8034058404127fbe

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 18:16:05 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=230, origin; dur=1126
x-cf-geodata
AU
content-type
application/javascript
expires
Tue, 23 Aug 2022 22:58:22 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:21 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661291901.dop221.la3.t,1661291901.cds247.la3.hn,1661291901.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
41581efb527873518ca86ed34444b58e.jpg
static.bg3.co/imgs/202105/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/41581efb527873518ca86ed34444b58e.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b187fb9bba3317c878aee6481fd1bbf7ded18fad1de4ba5701dbd0ec836957cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 00:37:24 GMT
server
cloudflare
etag
"41581EFB527873518CA86ED34444B58E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1PLI3CBYCkIc0jFMC%2F1xBVjCzGdYYTOBW3obFNkOCI5wIIldSEdu6MN3YXu6iqLX0PgK6PTZQgvF7ylLCK3CHdoX3plFo1MOVdQNBEYjZvWagiwKIZbdwXqUfdkOFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf16849a880-SYD
content-length
60194
expires
Tue, 30 Aug 2022 21:58:22 GMT
e46f2108b7e9076f88b127b6ad22cbfb.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e46f2108b7e9076f88b127b6ad22cbfb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b92c7b0111cb2fe2039fc9d1d134689db97000c44657a7f07109615e8cad17

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 22:25:01 GMT
server
cloudflare
etag
"E46F2108B7E9076F88B127B6AD22CBFB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4EIcoJrz8NQGcBOVya0rI8NEkMeIvO9msFcotgA4bAaAx%2FldPIt6t66wgHSg%2FWKHz%2FGrHGU1AcV59JItyrSR5RhIOAdaQBO5tWSfWyVqFVc3NpBiFZxqZkUCMPi8e0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd6a880-SYD
content-length
5473
expires
Tue, 30 Aug 2022 21:58:22 GMT
bb054554ea57532867311eb6c7db7326.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/bb054554ea57532867311eb6c7db7326.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8726e3d096bf8148b88d4e78a0bde9401d9f5f5641fd6a0cca5ca3afb818009

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Tue, 18 May 2021 12:36:11 GMT
server
cloudflare
etag
"BB054554EA57532867311EB6C7DB7326"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmAR4Dlkz8tavtIAiKwwNvtz6vFa%2BedtOeAoHVPi7xiShg0EU6z56PYZZVb9zHN03oNTEmT2RVNGPiApd3PknjUEeJsWtFCsjPKpCfxdg8TX%2Fw%2BoC0GBPuD2pvuE2Cw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd5a880-SYD
content-length
6055
expires
Tue, 30 Aug 2022 21:58:22 GMT
70570eb82e8c9c2b67afb15a80959467.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/70570eb82e8c9c2b67afb15a80959467.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7f34f34585e8d7c2fb0147c6ab93868bc5c21dfc5f26cf913b8f8802d78131

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 22:29:59 GMT
server
cloudflare
etag
"70570EB82E8C9C2B67AFB15A80959467"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8WDC%2Bd4DpOXlIr8smzLIjRpPeNv97bB6GqAEm1VOCh9yXlvMtSW0aWUHkQ0vJx61dm7hnsxoOpK%2FmZOTH94tBEPkMd3rSIweRwF0ghWSHQYZdnv8d12XMZFagbWlo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfcea880-SYD
content-length
5870
expires
Tue, 30 Aug 2022 21:58:22 GMT
d6d99adb45bbbff9c4233662d3047ef0.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d6d99adb45bbbff9c4233662d3047ef0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38bae57e31a12969249047c7b575b8863774b5bfa4489ae971a35dc4525c9b5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Jun 2021 15:22:03 GMT
server
cloudflare
etag
"D6D99ADB45BBBFF9C4233662D3047EF0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTydXta1FilD7bCCoQ%2FcOLtRfy%2F5LpA3I0vmaZ%2FFv8H%2FuCyH16iAl%2BIYu6rhqD7B0PPKuFIBSIuXHgWaY9C9%2F1HKDrJo3X9F%2F3J49thnK3oZzVKMHQKdHEGlXdoe7aM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd0a880-SYD
content-length
5535
expires
Tue, 30 Aug 2022 21:58:22 GMT
9e5d23f4af79c5c6809875a74eb50813.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9e5d23f4af79c5c6809875a74eb50813.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e4c0b7f7d5400379b670c073c9e5a35d8107cf694621026c7dbbe0b1979156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Wed, 16 Jun 2021 07:24:51 GMT
server
cloudflare
etag
"9E5D23F4AF79C5C6809875A74EB50813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucnlVGRa90oEsijrfTDW9xB7tLMPllPDPUrNplGpntLuDMUruJNSVtzOMSWF46wUgJDe1HRs4XVi9r2YUGbNIU31MQWZHDD%2F08xtPSfXLZKneHvFPUdl%2Bww0U8vFFUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd1a880-SYD
content-length
5319
expires
Tue, 30 Aug 2022 21:58:22 GMT
466baebe87686931fcc18a147ac0b664.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/466baebe87686931fcc18a147ac0b664.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42b9b0380164500bca906db09069fa9f07cedfd8247f1d6e8d24e3a54fb235a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Jun 2021 02:26:47 GMT
server
cloudflare
etag
"466BAEBE87686931FCC18A147AC0B664"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN%2BL7%2BMxt5g%2FXgiI0qv5H%2F3uuB31lTV5Q3PGZRSnd7%2F1VH52maqCOeIy99ls2jLREiEZmYg7nVD%2Bq6vkHaMpccNr0DX1pm77%2FNw0s6vWbtAcoVUgJbuCvAQK5b%2F9FUA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd2a880-SYD
content-length
5971
expires
Tue, 30 Aug 2022 21:58:22 GMT
5535b34f236ab8f03dda2d1a272313c2.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/5535b34f236ab8f03dda2d1a272313c2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab80267db2d596d7019de4c7e1b9e4f6180d512a11a1969a6eb9104d825c29c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Jun 2021 23:32:33 GMT
server
cloudflare
etag
"5535B34F236AB8F03DDA2D1A272313C2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxotLKMZvX3XcxZYQwgMxL5bwtI0ibeE89qgzdkuaTCYvcrOoBSIi9JayAuccvr3iRX9%2F1kIq63kQ7yZiTKSX7O2ywM9U2ZoqVZBqlhcyXlyBOsegCgJH4HhSwJ8KLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd3a880-SYD
content-length
5719
expires
Tue, 30 Aug 2022 21:58:22 GMT
1d56d22334b8bbd4e3fb98ab981791ff.jpg
static.bg3.co/imgs/202107/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/1d56d22334b8bbd4e3fb98ab981791ff.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ebb3dd52cdd0a654252673e46fc01397058e76fe91a3c39959836013f00d34

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Jul 2021 09:36:22 GMT
server
cloudflare
etag
"1D56D22334B8BBD4E3FB98AB981791FF"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywpcjX%2BkAoPVI72%2BO4iGWP09a79mrnbwm1jcZFwXCeSDMh%2BJwGHVSnt5SABKxS7EQW92XvpN3%2BP1oYnKfp0XQyx9cULEVXrYnRrmsqTkgGETmY32wnSwnGE3jarcVcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf0dfd4a880-SYD
content-length
5864
expires
Tue, 30 Aug 2022 21:58:22 GMT
b9632cba29d3dcaa859a59a52250668f.jpg
static.bg3.co/imgs/202106/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b9632cba29d3dcaa859a59a52250668f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a8f24c102a1e9e46265b9bb19c11d0d0f5ddd9f8ec376fc3df5850496fbd03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Jun 2021 20:32:36 GMT
server
cloudflare
etag
"B9632CBA29D3DCAA859A59A52250668F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHpKlsBc%2FqNLzmiXUOTNWhN%2B6Cc%2BXmnhyGIYCm6ZhRwp2djxwtMhmBS%2FhNGQiqp9tKMRhOQeu%2FBMhfWeavPl9CNN6ysSF9tyLwNtPjMHkVvP16PsMB3wOqnyF%2FjiDOg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf16848a880-SYD
content-length
3265
expires
Tue, 30 Aug 2022 21:58:22 GMT
b59f7fc625b92388de909c8bf1eaa853.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b59f7fc625b92388de909c8bf1eaa853.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8059f21e6a41a86ddf012078ffcf2137b5f89ad148e11b41821e0b623eac5ce8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 01:22:51 GMT
server
cloudflare
etag
"B59F7FC625B92388DE909C8BF1EAA853"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5v8oFVouWrgCuHVl4YzKKyEXJiG2hYTiWslfcVJVCAxo4diyFLg1oj8QNc%2FR0gBs5dy586XJPRuzC61qo6J6dtNmib5pK2zj%2FfL5WOG96mvYWnbpgBWRMX4gfR64lo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf16846a880-SYD
content-length
5905
expires
Tue, 30 Aug 2022 21:58:22 GMT
063b1d47b08bb287711a49dc96a6514f.jpg
static.bg3.co/imgs/202106/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/063b1d47b08bb287711a49dc96a6514f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29c5a55881603dca920d1624d247342db775ca6f1c9fbc3821cd5d511c6309e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 22:22:31 GMT
server
cloudflare
etag
"063B1D47B08BB287711A49DC96A6514F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cQdb8KSujdo4r%2FyROnZc5S4YjmbJZp5ogfA4Ow5Bjw0h7qG%2FJpsUXCby%2F1hPm1JkcE3CLZyeDZrMdO9It7CvS020v%2BF4bUzx3Zd%2FQzKGKDfSm5BljG82NvsY1Evc3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349aca880-SYD
content-length
3092
expires
Tue, 30 Aug 2022 21:58:22 GMT
7e8eb963497db6e6f5e36d365c237139.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7e8eb963497db6e6f5e36d365c237139.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ca275e68fd586ab3699b9d055a23dfb3cd1449733c0abd1d9ee5e991809295

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 01:27:03 GMT
server
cloudflare
etag
"7E8EB963497DB6E6F5E36D365C237139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpd9%2F59RnLHGHWUNqQJOyC%2F0JlEzZ%2FVQ7nL05fNLhcGVXOsV5ZrDpyt5KIdxAM%2FgA03jbuNfRvnxLMfBLVyYshbhWok4oVf0%2FKTh0kAVK0Baeyo%2FUx%2F9WB0qmz6Xsdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349ada880-SYD
content-length
5523
expires
Tue, 30 Aug 2022 21:58:22 GMT
951bf3aa12ca58fff75cefb8a319f223.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/951bf3aa12ca58fff75cefb8a319f223.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dcd7297a19b452663099c591bd2c08c03201ebffa03b89bddd9fdd7add57ada

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 22:31:31 GMT
server
cloudflare
etag
"951BF3AA12CA58FFF75CEFB8A319F223"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVpr50mzlOGqHutlKkNihb6HY0uPZWfEthNeDlfWq8FdxNv8S8kUVcaCU9lG2UketDvGyVYHKwpFcGC87vHyPVnA9pb6qmALooT2tvcypS2%2Fbj%2Fi25kMdIVaeRXfHXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349afa880-SYD
content-length
6156
expires
Tue, 30 Aug 2022 21:58:22 GMT
eb1479ffaa2f78f1eb6cad6f8bd6b2e3.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/eb1479ffaa2f78f1eb6cad6f8bd6b2e3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c8453f786546767f7e22aee7182eef9a21ce4ce208342a73bfd8a5aff4594a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Jun 2021 16:26:51 GMT
server
cloudflare
etag
"EB1479FFAA2F78F1EB6CAD6F8BD6B2E3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pG%2BLnDwdwzWlhqDvDm%2BjIzknw10kxwrrkkWTl88som%2BPprXWtWVusfrAaT%2F0HcUMHJG9FkKMNgWIONmr3RkUgYbZBZcIyuZJ26expXIgWbJ2fUFSHHG0K5o3Yqv7p9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b0a880-SYD
content-length
5764
expires
Tue, 30 Aug 2022 21:58:22 GMT
913e2cc84e01ba7d1ce719ec32635255.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/913e2cc84e01ba7d1ce719ec32635255.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e32314952b80fa64a4d4b4de7de7d2b84cebc8a4b413745e139df027a6e265

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Jun 2021 09:27:33 GMT
server
cloudflare
etag
"913E2CC84E01BA7D1CE719EC32635255"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWu9PQAubzhdrWL9HlfjEd86ARcmTAHrKpug8ot17lVHVkeU6f%2FaanmBtrfsPWVkXWL6AuloSNTnGzBCW0VPV4MGNoJfWn7RBYt2dWoGFK2EIg%2B9%2FcJdyUewnfmVzeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b1a880-SYD
content-length
6056
expires
Tue, 30 Aug 2022 21:58:22 GMT
355b8a8f0f7752f9b353039ce7d9f04a.jpg
static.bg3.co/imgs/202106/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/355b8a8f0f7752f9b353039ce7d9f04a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded1819d0c9702fe962c881ca7d889b57395b7056efe7df2cfbe07bbe3230c50

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Jun 2021 08:30:28 GMT
server
cloudflare
etag
"355B8A8F0F7752F9B353039CE7D9F04A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fwBFp5jEmaW3UdmNxfqoX%2Fcfsl4l5ACdeDDRunbceDLO8VKrhewjpthfjK8Lo3LLl4w6%2BipwaVFk0Ml0haj%2FtIKmiZpcmuj6X7ukaTw8SyPYdbKZu5B2F%2B0TjyIkss%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b3a880-SYD
content-length
1904
expires
Tue, 30 Aug 2022 21:58:22 GMT
e9721cc721ed475d9901aec4150cd3eb.jpg
static.bg3.co/imgs/202107/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/e9721cc721ed475d9901aec4150cd3eb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b75304ef8f697efd18262a20789f4fefb456606cbdb4f11f0877b7ac6bebedb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 04 Jul 2021 01:34:57 GMT
server
cloudflare
etag
"E9721CC721ED475D9901AEC4150CD3EB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLN%2BV5KUFvOKAfU0I0ceuHHcboT%2BpVA4l9FWW19j2Vdi%2FZgKF9fznxq1BLKdQDrrL%2BC%2FPaogQsG6KKbapPtgesNHlhUk9mCcMEsK5oG3QqxbLgdutVY7a0PL9BJaqVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b4a880-SYD
content-length
6397
expires
Tue, 30 Aug 2022 21:58:22 GMT
39a1e833040d868e102782c7b00a1274.jpg
static.bg3.co/imgs/202106/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/39a1e833040d868e102782c7b00a1274.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df441f11a28f6f8f85ee8b7e0b085da4464c0aba01306ed221ae0227a3679fcd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 27 Jun 2021 20:38:48 GMT
server
cloudflare
etag
"39A1E833040D868E102782C7B00A1274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zz2tstH1aFvvRDdMsGez3tz3hDrgpViYEXeRf3Caxf%2FaKpNs9THjaATBENMpcMAnz5D08wpOKiOJWx1JG8Q2saIRVCpKR14kqrAdPQ%2B%2BlcF08sOZ63C4x2CMz6aCJbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b5a880-SYD
content-length
5295
expires
Tue, 30 Aug 2022 21:58:22 GMT
2ae74a6629e3316d20c6226f2a8aa662.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/2ae74a6629e3316d20c6226f2a8aa662.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29ca6dff82beb0e2364fd0bdc413dcea38404fa3236cfe3a17ede7b5ad33529

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 06:24:25 GMT
server
cloudflare
etag
"2AE74A6629E3316D20C6226F2A8AA662"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRsTS%2F1bj6JBeX1YI5wnF4Xq7gV4zJXgbjowDWMxO%2Fj9HjuMORfePsi7I7Zkfe7GIpIwxwEAEFrsFiHjYRB%2BlhMaqHaFUo4%2FPsNVMIrZLiTw%2BDTQ%2B4eaS82io7JpFAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b6a880-SYD
content-length
6037
expires
Tue, 30 Aug 2022 21:58:22 GMT
e9289483aa0d637745e6d3d0c37b3e13.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e9289483aa0d637745e6d3d0c37b3e13.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d563742f862fdb18ae9637a9c2d56ead8920198af988badfc3a6bfcc0cabc65

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 20:32:05 GMT
server
cloudflare
etag
"E9289483AA0D637745E6D3D0C37B3E13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLfh8VxhKaKOKC4RJcJ8Zm2%2Bn9%2FUCSbYK9%2B6W1ICazAJELOmBQH5%2B8Ukw1NSH2kMZoAdCv9h50CZ7rYXq%2B13sIHNquYCtoNHdexnluMnhNWiEjoOhrt9f55kRV6lytU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b7a880-SYD
content-length
6261
expires
Tue, 30 Aug 2022 21:58:22 GMT
7799762dbcc6e037de3d640295665dd5.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7799762dbcc6e037de3d640295665dd5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5acae8751c431db8af1bc3f6ccb5c33001ca3f3ad9f46959f38982ccc9738c3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 15:28:47 GMT
server
cloudflare
etag
"7799762DBCC6E037DE3D640295665DD5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v3qVMHWrpNexmkDVr3ofYP%2FbaARFjTWlcIAlPgQqkZiegDp49tVlfs7k%2Fqf5%2BsfhM8UUf05pr1KuuB07P%2FIKazWreyviTpsOHJ4KciM2ydvadTvhASfxzq7B1wMebY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349b9a880-SYD
content-length
6264
expires
Tue, 30 Aug 2022 21:58:22 GMT
f9c63c11eca27dfb6f9587e09d6cbc66.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f9c63c11eca27dfb6f9587e09d6cbc66.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b081f0ff758542a0a48e7f76603e6ca7766c20b4dad14c6c639bdaae90cc812c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 20:31:46 GMT
server
cloudflare
etag
"F9C63C11ECA27DFB6F9587E09D6CBC66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eZn26Nme%2BJT6%2BuiQPp%2BG%2BjeOQ8NGOEJfWk66Mwaqe%2FZj75VMJJclYGP5ZUWTWEkiBFzDif2WDBQZCnCr8UwzKcTx4%2BDh6hJlaSX3N0oiKNR0nfAVVEjNBNX3NF6UgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349baa880-SYD
content-length
5988
expires
Tue, 30 Aug 2022 21:58:22 GMT
fe165baf2cdff150b23bcce22a4ed35d.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fe165baf2cdff150b23bcce22a4ed35d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316963dab1c1ff0d599e881cf322c38f90a3f85f8855bd49f82768ef29f8e3bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 10:36:53 GMT
server
cloudflare
etag
"FE165BAF2CDFF150B23BCCE22A4ED35D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozz6RZzR8amRHmbfr8bOFc%2BtEuD0Xl95cUHCVgu8vFXn9TSIYldhSqzWR2MJQz2FMbhd%2FotwL0gYaCVrt6hXcBLAfj%2F2DErMd5l4%2BiUFxbBMA3TOm38qat3qiDcIvfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349bba880-SYD
content-length
6303
expires
Tue, 30 Aug 2022 21:58:22 GMT
226586ee06aa9479ad432adb844a902e.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/226586ee06aa9479ad432adb844a902e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce17b344a418ed8c76ce720ed996c2dcc1f96580c57ac2aa98835f65f1f3bd9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 01:31:21 GMT
server
cloudflare
etag
"226586EE06AA9479AD432ADB844A902E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zv9Bo3RBo2JWB81e8ZiA9Jvcs5imZyNd9l8rqgnYxdt%2BiHGwE2OsqE7M1io45WxiUxu00JQ5WjR3I%2BAORDhiOXlVqh96NrAbluZHV3uST9us9prRstN0Ut9GBH1quXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349bda880-SYD
content-length
4749
expires
Tue, 30 Aug 2022 21:58:22 GMT
4d4130e76f3fe466fd6cbc9359bd2612.jpg
static.bg3.co/imgs/202106/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4d4130e76f3fe466fd6cbc9359bd2612.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a800429e455c186e0959c77615dc91daaed0259c8f6f3c31c040ee7e1e3b425

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 20 Jun 2021 00:32:36 GMT
server
cloudflare
etag
"4D4130E76F3FE466FD6CBC9359BD2612"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMT5ZsXfk%2BqJT3zQxz1yDjmZDAdHJr2NJRtwVygZwVIpXTKke6iliEjvpaTVO%2B77nwlzQ2wnp5Q3vJo1pIL87bfFvqiFzrZ2MOdJlGF4XdAE1Vg45vRCs%2FWi8fIDf4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349bea880-SYD
content-length
3802
expires
Tue, 30 Aug 2022 21:58:22 GMT
33937e87e8d23d51a3abc36aa7344d82.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/33937e87e8d23d51a3abc36aa7344d82.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d63f7c4631e78472204768f7cc5b3bf468681c5141ea579a033e2766672fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Jun 2021 16:29:38 GMT
server
cloudflare
etag
"33937E87E8D23D51A3ABC36AA7344D82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yI%2B%2ByQID2HVW%2B9PwM8T%2FMNUoeFPw5RVvTWFrUkjsqlp%2BhPO6fChN0gHTaHQzAqiTCuupyUng%2BKGh2oNNflDz2L0ayKeGCEXtW15eA%2BSF%2Fimavca%2BSajClbiLF4swpqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f71bf349bfa880-SYD
content-length
6284
expires
Tue, 30 Aug 2022 21:58:22 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
312385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 07:11:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 07:11:56 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
306311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 08:53:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 08:53:10 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3091
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TADzEhxVGVbQXMn1sk9duCKtEw0hqjugpXzR6pj4J4XqCU7KyQvEDwXXgcgnlwCdt7RTg7Aqi7Oil3xvRAidREIF1m%2FU%2BhowyeVuEiaxmVnMsSMRoDPo4pIZe1qMVQfrzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73f71befae4ca837-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43b8bc0ed3b0ced932155c336b90fc698062479739e0b08b118c2fe8525b507a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 21:58:22 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43b8bc0ed3b0ced932155c336b90fc698062479739e0b08b118c2fe8525b507a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 21:58:22 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.45230300625277486&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 21:58:21 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7612665344655825&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 21:58:21 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
598628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:41:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:41:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
fd55646df908cf289bfcd99e2f430b2600e15e16aed2fd0f02a1fab9f34b8241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
278074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 16:43:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 16:43:48 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
485768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Thu, 18 Aug 2022 07:02:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 07:02:14 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1ADB 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
67fc91defcd98bdc6901e111dbcbae4dd702f24acbc3325eff5c22413e0d97a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40224
x-xss-protection
0
server
cafe
etag
6251245462534367282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 21:58:22 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame DDD5 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ab76240617c9616425cfa63ac19617fafeb572bb05b0dc1b407af5ef2f9bb7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40221
x-xss-protection
0
server
cafe
etag
6224983356649639762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 21:58:22 GMT
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661291902137
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Tue, 23 Aug 2022 22:58:22 GMT
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
485790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Thu, 18 Aug 2022 07:01:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 07:01:52 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-9087918963970341420.ampproject.net/2208051912001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-9087918963970341420.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3B2A 		714 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4286
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73f71bf63ef8aaf5-SYD
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 21:58:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrWd3AjTTP0sDCRMmaL%2ByMxADYlpC%2Fu9HQPGe4FHpMLJBdjEf0dbJsqrTWj9IMaBYdlMLi%2F4fi8g8qP05G82K0cUYZMtQA2AoubQwQr%2FzibW8PfMAhHRrm1yauJG2UUX%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 21:58:22 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0BE0 		714 B
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4286
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73f71bf6dfbdaaf5-SYD
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 21:58:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=losnkk0olSxqHAp9dUKgwpJ4SJQDT6btCVg1MfF4pMFd7Bn%2BwpSQpNVnGK72Y8bZTk7ENuGQq6kcdxXpLX8WEIFLj5ifykIy9ag02QcfmZIR9Dzm%2Bsiv8vZEPx5reicaOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3B2A 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
bb05ed6b91dc7c4e98f28f1131b2935ba95d107f7cc21b61d0aa4374af3f4d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28486
x-xss-protection
0
server
sffe
etag
"1312 / 507 of 1000 / last-modified: 1661290218"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 21:58:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0BE0 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
bb05ed6b91dc7c4e98f28f1131b2935ba95d107f7cc21b61d0aa4374af3f4d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28486
x-xss-protection
0
server
sffe
etag
"1312 / 217 of 1000 / last-modified: 1661290218"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 21:58:23 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:22 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661291902.dop221.la3.t,1661291902.cds247.la3.hn,1661291902.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame 1ADB 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
f67d47baf39a87cc4da1eda8f3bd9b2f56f1553e40e7420f5f76574c18991b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122732
x-xss-protection
0
server
cafe
etag
3472895500222032491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 21:58:23 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame DDD5 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9adcc6b06d3a61d47f3337c316a71e829fe680a2a2bcfc0207618546836619d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
5381349625994624145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 21:58:23 GMT
pb.42753.1661278076254.v6.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 18:08:10 GMT
server
nginx/1.18.0
etag
W/"6305178a-557f3"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=MISS, edge; dur=225, origin; dur=449
content-type
application/javascript
content-length
93716
expires
Wed, 23 Aug 2023 21:58:24 GMT
49ee3fc4-47b6-46e6-8378-b26a3745b050
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/49ee3fc4-47b6-46e6-8378-b26a3745b050
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%9C%83%E5%BF%83%E4%BA%AE%E4%BA%86%20%E5%A4%A9%E9%BE%8D%E5%85%AB%E9%83%A8%E5%85%A8%E6%9C%8D%E7%AC%AC%E4%B8%80%E5%A4%A9%E9%BE%8D%E6%8B%89%E9%A2%A8%E5%93%A5%E5%B1%AC%E6%80%A7%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-0QPszocIMwd47-UbL9n9Zw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7405051141582817&gjid=0.20846545319724386&_r=1&a=6532&z=0.2730253698118341&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3053 		603 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35145776884032344715&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3417&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=4799006532&ga_cid=amp-0QPszocIMwd47-UbL9n9Zw&ga_hid=6532&dt=1661291902527&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&bdt=2241&dtd=426&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:23 GMT
expires
Tue, 23 Aug 2022 21:58:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 3B2A 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1ADB 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
034ae9bd51eebf58083916aa1d7a4424ce16941c44a9ff636d5b9831a26f96fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 1ADB 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1ADB 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
adx.holmesmind.com/adx-file/20220823/ Frame 01DA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
1 KB
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-123.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d2c9c9f82fb7c73c50fac260546953a83ede3bb46d6ce302d499796c19e0a3b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
106
content-encoding
gzip
content-type
text/html
date
Tue, 23 Aug 2022 21:56:42 GMT
etag
W/"0cbc58039b2c0f0200175f5efbcead69"
last-modified
Tue, 23 Aug 2022 12:56:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
x-amz-cf-id
FNmP7-vrygqYHucsDtlYiJSbpzmNDAxhiF1nrTZUekpLnd2wm-BOFQ==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
NMN5cxSlnUT3TNLYe9UCI.KXzSvHXJKc
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:23 GMT
location
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 0BE0 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame DDD5 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
7dd8aca7bc83e6d2a2ed783b37d991e2c9369bbc5b53b9521d18cbb898cf1a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame DDD5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DDD5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
adx.holmesmind.com/adx-file/20220823/ Frame F6A9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
1 KB
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-123.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d2c9c9f82fb7c73c50fac260546953a83ede3bb46d6ce302d499796c19e0a3b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
106
content-encoding
gzip
content-type
text/html
date
Tue, 23 Aug 2022 21:56:42 GMT
etag
W/"0cbc58039b2c0f0200175f5efbcead69"
last-modified
Tue, 23 Aug 2022 12:56:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
x-amz-cf-id
Agjp6nD5VdSngrAx7pIMauKwT1IkDoPY_enRYTnJSEzRd2tDT75AXQ==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
NMN5cxSlnUT3TNLYe9UCI.KXzSvHXJKc
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:23 GMT
location
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
211
expires
Wed, 23 Aug 2023 21:58:24 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-type
application/javascript
content-length
17440
expires
Tue, 23 Aug 2022 22:58:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
bb05ed6b91dc7c4e98f28f1131b2935ba95d107f7cc21b61d0aa4374af3f4d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28486
x-xss-protection
0
server
sffe
etag
"1312 / 919 of 1000 / last-modified: 1661290218"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 21:58:24 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:24 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEyOTE5MDQwNzgsInBhY2tldElkIjoiMDAwMEE3MDEtNjU3OGNlMGEtYjhlZC00YjAwLWJkNDctMTdhZGYxOTE5NWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1aS14aW4tbGlhbmctbGlhby10aWFuLWxvbmctYmEtYnUtcXVhbi1mdS1kaS15aS10aWFuLWxvbmctbGEtZmVuZy1nZS1zaHUteGluZy1wdS1ndWFuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:24 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEyOTE5MDQwNzksInBhY2tldElkIjoiMDAwMEE3MDEtNjU3OGNlMGEtYjhlZC00YjAwLWJkNDctMTdhZGYxOTE5NWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1aS14aW4tbGlhbmctbGlhby10aWFuLWxvbmctYmEtYnUtcXVhbi1mdS1kaS15aS10aWFuLWxvbmctbGEtZmVuZy1nZS1zaHUteGluZy1wdS1ndWFuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:24 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEyOTE5MDQwNzksInBhY2tldElkIjoiMDAwMEE3MDEtNjU3OGNlMGEtYjhlZC00YjAwLWJkNDctMTdhZGYxOTE5NWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1aS14aW4tbGlhbmctbGlhby10aWFuLWxvbmctYmEtYnUtcXVhbi1mdS1kaS15aS10aWFuLWxvbmctbGEtZmVuZy1nZS1zaHUteGluZy1wdS1ndWFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:24 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEyOTE5MDQwODMsInBhY2tldElkIjoiMDAwMEE3MDEtNjU3OGNlMGEtYjhlZC00YjAwLWJkNDctMTdhZGYxOTE5NWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1aS14aW4tbGlhbmctbGlhby10aWFuLWxvbmctYmEtYnUtcXVhbi1mdS1kaS15aS10aWFuLWxvbmctbGEtZmVuZy1nZS1zaHUteGluZy1wdS1ndWFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:24 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEyOTE5MDQwODUsInBhY2tldElkIjoiMDAwMEE3MDEtNjU3OGNlMGEtYjhlZC00YjAwLWJkNDctMTdhZGYxOTE5NWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1aS14aW4tbGlhbmctbGlhby10aWFuLWxvbmctYmEtYnUtcXVhbi1mdS1kaS15aS10aWFuLWxvbmctbGEtZmVuZy1nZS1zaHUteGluZy1wdS1ndWFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:24 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.com.au/adsid/ Frame 3B2A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3B2A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3B2A 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=946716645085743&correlator=3318619989764841&eid=31068458%2C31068828%2C31069103&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661291904149&lmt=1644386353&dlt=1661291902509&idt=1616&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=2mvwfzg7q3zt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=965857237.1661291904&ga_sid=1661291904&ga_hid=1372675039&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
493b57d6181750a2403d2ddb755fde74fa92642789e477d822e5d7831a8c2ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10AE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:24 GMT
expires
Wed, 23 Aug 2023 21:58:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 30 Aug 2022 21:58:24 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Tue, 23 Aug 2022 21:58:24 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 0BE0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0BE0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0BE0 		498 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=125025847797590&correlator=1920297073425608&eid=44761477%2C44770639%2C31067825%2C31064019&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661291904368&lmt=1644386353&dlt=1661291902599&idt=1760&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ibliniixs4w8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1216816989.1661291904&ga_sid=1661291904&ga_hid=1024597016&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
56637496f4e035e19e1ddc0b3d64ca137551d37b71449f74e21f74c686fa4cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4824 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:24 GMT
expires
Wed, 23 Aug 2023 21:58:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 01DA 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
bb05ed6b91dc7c4e98f28f1131b2935ba95d107f7cc21b61d0aa4374af3f4d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28486
x-xss-protection
0
server
sffe
etag
"1312 / 824 of 1000 / last-modified: 1661290218"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 21:58:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F6A9 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
bb05ed6b91dc7c4e98f28f1131b2935ba95d107f7cc21b61d0aa4374af3f4d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28486
x-xss-protection
0
server
sffe
etag
"1312 / 730 of 1000 / last-modified: 1661290218"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 21:58:24 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 01DA 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame F6A9 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3B2A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e9684177ed1a5dd938c3f0f98993aa5100f268fe543839905ab84161411c12c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11216
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220823
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb31466abd327f67436b68da439bae3aa414bdc41872972fdd8f90dba365c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25035
x-jsd-version
1.0.1441
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA, cache-itm18845-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"666-sZAR3d10B49a/ZZ188bLk+3iKvE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BreTRQ3wBd7s1VsmqYUDBf%2Bm2vXSLOdy%2FNmdX6drcjtlW4c41KvaISy0q2xllLPdc6Ktr0b6DP1Cf3NLtPhz%2F7EICtXKT1uWq3e17YKcxQOpBfq68%2B09EvycU%2F%2FxvKi8qtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73f71c06fd9aaacf-SYD
access-control-expose-headers
*
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.169.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-169-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=153c5037-b057-4f0b-8de1-0452a7f8c20b%2Cc737287d-5280-483d-8601-5c38a32d4793%2C6aec8db7-f588-47fc-80c0-4c28fc6b3bf2&nocache=1661291904886&pubcid=0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
717204465bb7446bd4670757deddd2cdec8a51abc4fbafb11609410ec0b8a8a3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=03e2bcf1-83eb-4462-a97e-599b1e3378f4&nocache=1661291904887&pubcid=0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=96b88e90-6c99-4d00-b34c-6561230fecfb&nocache=1661291904887&pubcid=0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a542add1-ddf7-4550-9eda-cc0d87f8bbab&nocache=1661291904887&pubcid=0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22261949107c6c0ac%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2233eef6c10b7e408%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2236f4221d7c4474%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223704198c117a049%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220ebf02e3-7c5b-4906-95e5-eb1669f9a0e6%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ead2b798a1f5d5683fa20a93978fe3c6fdc7cc17a956b643db8725ae67dcfa5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0Yn7slTRuExbwZ83ma0csvQWv70tpv8k5IdRh%2B0a7kLga9hjIlCacXwsgZh1Tc7AByV84JLEMg4ENtTWinn%2FtBMFWIc2itCRyRS4N3VdfPHKqc3ijFm%2FU64zgHDqXr9AnHeYzJV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73f71c072ffba882-SYD
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22261949107c6c0ac%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f4221d7c4474%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%223704198c117a049%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220ebf02e3-7c5b-4906-95e5-eb1669f9a0e6%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ead2b798a1f5d5683fa20a93978fe3c6fdc7cc17a956b643db8725ae67dcfa5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jamP7D3V4YbBI%2BC%2BMWFpW%2FXwX2RVHWi75dg1yOpXOqohWcS6nNRf4kS7YkjE3jd%2FiB8sGkT9JHiS9XfwamtYt99KOv9ugw8LFGUJItUZhm%2F%2BMrgKVdWSs71qhji%2FjUh24JTqkt%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73f71c072ffca882-SYD
expires
0
adreq
ads.servenobid.com/ 		818 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8332
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=82469193221
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
prebid.media.net/rtb/ 		1 KB
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c0d3be2c0ba0ad5e6292f73e7ffb98157797dd26caa38b58dae57b555ea208a2

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
111
alt-svc
clear
via
1.1 google
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a69149e83c2f419fce7c2136671ab6bd0f83aa7c6d530ddf18700896a4a6bf27

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
949630d7d3a516c7ad8d4f1d942bdddf968dda8daac0a35cfaa21f388f0c9b78

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
48c5dfe528f2662ec5be8bc62e0e5452102a819079490def3429b93cec646486

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=a6c24669-de13-471a-84f1-485b38b35399%3B77a937cb-c6fd-4f7d-8515-1cb56e3d7702%3Bcb7e165a-50a9-4b1d-b09e-28f2a0b228fa&l_pb_bid_id=55d0fdfc4aa2556%3B5676d29e465aef1%3B5784317e443c9e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.893479581124327
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f81e99e07b26d1920196c0025b0809d38a2e6227f9dd332b16968009ef9e5f2b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 21:58:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
rtb.adxpremium.services/openrtb2/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		33 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1504478b21235fc602dd8014ce2e951ad2e89b14753b2084e49ada7579a466f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 23 Aug 2022 21:58:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.166; 173.245.209.166; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e00d6a31-2a83-4de9-a882-80f29734c353
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 23 Aug 2022 21:58:26 GMT
c
prebid.a-mo.net/a/ 		459 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
26375312a1c16fcce75642319052bb66431502b9927e46871d8ffeb4cf17be91

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 21:58:24 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
134
content-length
276
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:05:05 GMT
via
1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
age
3201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
aLxes3fHWpIhvLyhlaSQYQlB5eChNPtPP63AIk5INC2K35VvHdQM2g==
integrator.js
adservice.google.com.au/adsid/ Frame 01DA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 01DA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 01DA 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=636912055933681&correlator=2176058666596962&eid=31068501&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=424536528%3A40828883%2C1528662_icook_300x250_MB_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=934391782&sfv=1-0-38&fsapi=false&eri=4&sc=1&cdm=adx.holmesmind.com&abxe=1&dt=1661291904940&dlt=1661291904390&idt=541&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=336&ish=280&scr_x=-12245933&scr_y=-12245933&ucis=mbne9mc6ya74&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ficook.tw&loc=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20220823%2FnUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html&top=www.bg3.co&frm=8&vis=1&psz=336x250&msz=336x250&fws=256&ohw=0&ea=0&ga_vid=1046188875.1661291905&ga_sid=1661291905&ga_hid=2019953311&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
0fb178cf8143f7dacd8218aaec82129d1632cf45f377e9a5d6cd034938954530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9446
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E40B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:25 GMT
expires
Wed, 23 Aug 2023 21:58:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0BE0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
54dbb845bf7cd1b44213e46ca06c970e0130d0189730d16130b642078680624e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11233
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame F6A9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F6A9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F6A9 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4093100677068217&correlator=2568344088586763&eid=44770639%2C31067825&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=424536528%3A40828883%2C1528662_icook_300x250_MB_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=934391782&sfv=1-0-38&fsapi=false&eri=4&sc=1&cdm=adx.holmesmind.com&abxe=1&dt=1661291905057&dlt=1661291904397&idt=651&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=336&ish=280&scr_x=-12245933&scr_y=-12245933&ucis=u3oage94omry&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ficook.tw&loc=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20220823%2FnUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html&top=www.bg3.co&frm=8&vis=1&psz=336x250&msz=336x250&fws=256&ohw=0&ea=0&ga_vid=700710666.1661291905&ga_sid=1661291905&ga_hid=707327549&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
8588b97ad68ede2e9e424a36ab3663fa0fc4db3773969246ffdc71d89a270534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9310
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEA3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:25 GMT
expires
Wed, 23 Aug 2023 21:58:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 01DA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
cb32a52d4b7fc3d73d3c01e63a3837ccda52ced52a0ba1857ffd32a510d4b886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11005
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1ADB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
cc386d0f934fe3ef84771253f46188e11c3d38ea1aa69e1449a49a522fd8abe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11130
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI0MjQ1MzRfMTY2MTI5MTkwNTIzNCIsInVzZXJJZCI6IjE0MDYzNV8xNjYxMjkxOTA1MjM0Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMTM3MjY4XzE2NjEyOTE5MDUyMzQiLCJwYWdlUGF0aCI6IiUyRmElMkZodWkteGluLWxpYW5nLWxpYW8tdGlhbi1sb25nLWJhLWJ1LXF1YW4tZnUtZGkteWktdGlhbi1sb25nLWxhLWZlbmctZ2Utc2h1LXhpbmctcHUtZ3VhbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZodWkteGluLWxpYW5nLWxpYW8tdGlhbi1sb25nLWJhLWJ1LXF1YW4tZnUtZGkteWktdGlhbi1sb25nLWxhLWZlbmctZ2Utc2h1LXhpbmctcHUtZ3VhbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjEyOTE5MDUyMzV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvaHVpLXhpbi1saWFuZy1saWFvLXRpYW4tbG9uZy1iYS1idS1xdWFuLWZ1LWRpLXlpLXRpYW4tbG9uZy1sYS1mZW5nLWdlLXNodS14aW5nLXB1LWd1YW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaHVpLXhpbi1saWFuZy1saWFvLXRpYW4tbG9uZy1iYS1idS1xdWFuLWZ1LWRpLXlpLXRpYW4tbG9uZy1sYS1mZW5nLWdlLXNodS14aW5nLXB1LWd1YW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 21:58:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=859
content-type
text/html
content-length
555
expires
Tue, 23 Aug 2022 22:58:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3B2A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F6A9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
d74039c2003fc47660dcf01d5da5c095506b6abf29c1365ac20a9ef80645caa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11224
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame DDD5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
f8c0bd71477cfeb8866b0d59984b3efdda69ee8347ae3d0de1cb731cbe6d680a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11203
x-xss-protection
0
container.html
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4263 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:25 GMT
expires
Wed, 23 Aug 2023 21:58:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 01DA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1ADB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0BE0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:25 GMT
pixel;r=297875964;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html;uh=e51ed67dfb8d91dc24b15e2ac...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=297875964;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-942368390-1661291905527;pbc=0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661291905526;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
container.html
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B303 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:25 GMT
expires
Wed, 23 Aug 2023 21:58:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DDD5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F6A9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B530 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUrl3EKGB2M6KgDhKlnXs1vYU8t9ljSygZPlQ1Pd615aBlFLdg6ilXI_WLEze_EDfUbh13MrC6HYpmAEUAgHTn4kKlXjg
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4263 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An-Bonpk_07SatTTts1PSNpUdWE7_e7ruGmtlDetdxaq9NuXNiY3TOYAGhMEEnVm7Y0T409DrXH_RJYdn2kYqAOj8hiA&cry=1&dbm_d=AKAmf-D_mexhMvIDHdn9ZVXDLJK5D_Ih4JvNGkeM8r4B6C_neR2s4AR4nSrlYzE-PyATfEA5hWCRfAcDBnnReljvO4OBBE5MorWaSxG3mMqjzCh4MzAs4rGhHaB0-rQ7FjMA8ZygQko_JtgSKKtfFyBPMMm14eoTAVS9VjsIYzeR1IKF2WtC701H_zXJZlrw1UcQozbem2HIhdz7jDOqXPMMeZxTWzKSC6HX45Jsa0UH_byGyO-IbT4u0UdCayNwHQavAh0xTA-fS7FSGysL2pynj3a1OhflN02_Heh88QvAuk1my1gLVyzZ4kK8FxLYLtrvUyOhiem06JSVYokBZ0WghyFwhHvK3XhDkgx5YbQBan96Lw7o0y6bo0ea-XFRCSlh_v6GEs6hFmzQLM17ak2uHFXRtp5mrKFVtilhmerYHU2GHXWpwva0weZuAVHsH8fw00UEEDgT4G5usDvApI4Rm1pux_UVkhteHfoKORY2NDnQdEh-PpnDPqvqza_mCmCG9Wmfc3W4zG2-3bPQhDFJHIJI1lgP4ShHKKRwAMd62-ftnYFwlEd27JgunB77S3EUmmAE08dT-ZXATGNhCRtB8d-wC55sI7_3SsLL-d_FSV9ZUkUm6Q515xzecA1hkUHza8E2o22IyIoqM17AgAuK5utIiRvxQsoDv_eYCuWzI4NuAHcjyU63zrR4VovyC_DoJtdLAGWJmGcBYdJeJZHet9ZDBQUGggD6tANAxLjZaWnNKPKAxqAszLV6p491MEAVcMiDFnjMvs1-NsZPWZtrULCXDSo-UGimg3aBdvJ1ZQvM5kan79IPhxB8d0CXxgu0qSSP6k3C7ybBKBJyc2nJ5pGxTKpjzfAnzmUWMo-ZvVCr5V2YidQH7Yp_V-R8grZJxUh86CbNDnVzswhbhUmRbOo_-kh1g7wTwAxLtwdfE-hIsKKABIttAH5Hduev5QxNXg8rPcCAejOTlZHOD0OiRi_EaPNy9HKFUNoYvbeV0CpUR0PGcOSuzjowsBsfzWw2EfToSdF3UKwuVDgji-EF6tt9L_YdZkAYoVKLuxt9wAJpLibZRd7c_d8MwtGKcT3vnBt3HpzsAPqao_-glh8GTXwN7Q-oCRb7EcoQP0o_BSxU_gSZY7ruGHItyMshfhGviL9njUEaJOFEhMYKQ9MQTWccDOEyqODtW-mB8s6k7xiteg9diPT52AYruvaMHvru7avUE5AzhIOpPlzP_cuN1hYQ8EE5qi7djA4Y5WE7jCGhl50Cs_Gv4_u4xAZpQe2ektn0c2MigLRUZlNLizcQHy28pq7R3mKpclmFWEQLeTbK2Gimkpjw95aTByn2CFhBPSsbB7bM8sSO2jggMCOTPKt_Y82fL8MfUxf1fnuT6fX0FoM-BHqnWS20hPQgTbueVZuJehfyRIsQxsz4Jff1S1DJjlAjYWLd9-ONAlHrE3fKHdIg868dt58kFCXVTdXqLe4wIDNbs2cxpY-631699e0iRVFO0Z7ZLO2C8kViHsNpq9vHXYzJrFxG-gbohW4dCW0UeJPOKF2PtOEl-XKffbr1jOdS4Gq7TnVzgtGOw8b6qy42zSzUPoIz73HzxvK16DXtyUXRKY4nWeUrggPapKlTLlClQn1Ql5wTpPe7GpNLbzpLmp2cmWlzLsVGtAwyDMXFNfJIAg5x4f31dszSSLCjUFPcY27oJ5kLoRL094GmDtFpycagpCso2RPv0TY-rFIabe4PMLqXph3Di4Ax73pQp8yOOPAAPGfyArXEteQPOy5IeMsAB0zHaih0oZPxw71wDtNjIS7eqgLOlYO3T6fKVe0ndZZQt0hajCbXrXSkKblGkg8kToqN0QMo5ErvMaWAjiHs9DmRTiifmBv8Z9Dt9rZN21kVEBv-AxA2R3vrOaCmMZeJY_hWdUuV1M0yAInyqpKCnRXwdYtnbATXml7onhH4s_qSCaJrFE1aPZZii-p5X00pkBwo7PWrEGoH7xYBDe9OHszQumNEenKiMZIaE0RK89jAAin42ua-48FVIjOnFe3SjokOsgUJafL9lztLksewbILNwc_z5l8kKeHRrXy3QMr5Y6Xf_2A9Gcn9qdl1apNsqknwkCKd6D91AF4E9a0l2WxGxstEOfk5yIhcn-5RdgHIyBvWF6dy11p5a2wjTrNP3uIdtKvybR1PgRRhbJqbW3XGcfVylTJFNZWl6QTAEvxUq_hBEaEdlrw_pKHNefqEwnRbUe23uxIBpsRkfDUrArSylzIU3fsoAB2X5rbXrzAGp_m8F-AHjhnWiu-O6PktC15A5NnCnFFkjVrMadG2pTJuShqgoypG7g6cglZjjhngMV8pjFjplC3Xpg3D67rZkPrjWLfQSF6_Tm3yenDwBerdLb0qK3yoUgBqCyy2bvy7NaGKuwSKXiBMAvKgMyk7e9xEqtW9wpiRN769A8IUkpKP2vimp7FAmThrzOdYk-Kq55ny9bqBbfJjzvGFBEScQFix2HyPR428UfM9muxpa_MtZhLhbV0p1FYKBcBow3bVf77RehcDgsB_rvP24L2k81s4D0lFmKGdJs47QKF4Tr1BnMKQIuNslfSB86c16T4KALbl8DdjJa6ShjMft5lVyDZR-aS4nJK-ob6WBvV_rsRjvtdPz8pGWQuav1rFIZSewpKc4-PYhQA4jUy32slM3_GK1fP78qzGoNnXm0eziiLivfJ0vrOzulKq08dJbT-mO_lOUixFMuWbxCppCbODHe69RLoE8KrXfNDZmowfBm4y-2s2Y-dCgj029DUrmafH948xyz7slSF9c9-dCeH9hRGGstHiictN9l9jjux3OjDDmqzSNnBfBk48hOLRC_L7LX8sGqH4Vjbk72_hruiYyaQ3RxqFCd4OSb81MhjDmPzL_nw9RVLqGH_IHYzF5TEb37eS7Brvzrp_p5kXZS15oLQf09Zl-5QpWyI9UJ_EIT68OSSx-6nrp5UNb_fjJ69YaOGUzP4cxWZSBRELkmnqvXtgehFZIQnaiYshHLm2IsZen2-pivNeiAKFSlB6n9vFXrPa3nPO8Dg4PnP69rc&cid=CAASEuRowpkufxrHPxxP7NM4y6Ug4g&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
63e6145f79ab19cd5b2cdbec2cba1353019fe4618bf66bb6dcefbc3d4daf76b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33831
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4263 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AS4BvEiJpzGp6WS6LilcOGMZsm_wU8Yvhn7MUBwxXAsRDHPf1BwCLcD_16ykr7IB65rbOil_T0BhPDRx5S9rOYFGBX1uAerNN0naBWV8_WKUfllzQ
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4263 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 16:07:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4263 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 21:45:41 GMT
l
www.google.com/ads/measurement/ Frame 4263 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRNReGaRwzfVtfCS7AXj8-pDXUyU-mYV2zPyFYMCibfABfh6m8rgG1PQW_EBB6HNfM5h7z2I8Qbj0fwp_CZswn0--v3g
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4263 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78F7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
25605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:51:41 GMT
expires
Wed, 23 Aug 2023 14:51:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A5E0 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
b5c8d6f94cf1f3d3718bee90969823d4c0ab35fbb1b6647eea7a7c66f94f5d78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5AIrJasQgW-4GBTexdEqPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-5AIrJasQgW-4GBTexdEqPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
expires
Tue, 23 Aug 2022 21:58:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D78 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
25605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:51:41 GMT
expires
Wed, 23 Aug 2023 14:51:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7990 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
53877e0361b3747340639d5edc8c040a59031e8207ace7e97258f8499771d857
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jplRGfBcYwGGAsTcsQiXRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-jplRGfBcYwGGAsTcsQiXRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
expires
Tue, 23 Aug 2022 21:58:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame A881 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUPFKsUYcM9yZmyYSsRsr6E7VyFB5YaXWQphA1f5TQeGir9lN8d5aFsF6-wLRCAZaiuKIlTN5rN8oKSQj3uVZGuKJN5-A
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B303 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_0rGbQiQSpDr_X8pyvV8fthhbPC2XPqzTCFAqUXn2NFR1pcxKTl5WcPe1YDtPtssYWZPo-sjl4sfla4UYdnZrOGzbbQ&cry=1&dbm_d=AKAmf-Arszjx0JUMrtm63A4zZS0sRTBgCKbSYsT328paB-ZjMPlfTQuW-F_tM5zQKpoCqvJsIFbvZ6A_cagcGYCUEcZmuaUedIVuAapWI6tc3rSo49J0eNKOsLVk4tXnwwDx4QkONEq6NEwim2EngxyWHSCvoCC4O5nx0FCkItIJ3nWte7mMqX3JBipb9PByrOQFVfGcSBJJYdbkRig6A81lZ94k5Y81Hn-wFJdc4O1LeAgxDx9uAnmWTO4OTcBSRAF_nl4UGnatf-Mu6GSoTM9CfXy21oNKauszbd_BpEUXAb-cSHHnfuE-gpX4I0OsFPFccgoeyi1XPqy2oo12LjbMHSYEvjM7y0Vo6kiX_MqVEwViqEksfUcV2nYVFtw3oCwI-8SJPfEdChvs3V-GPdFiTauusovMAYnBt_Y78nf66KUegvcpnf6H04smKHEV8P3Ue29C9m-CoHnRWv9Q9E28OsFG0jurdmlwAIODWiFYQ4F_TAPHvzxYyTsE7enMAAP6qwtwlIpq37-YWE2H45SFQZr1GWn5WxbSWXqu80pzS3qqDaW-KL23DPhSXlUKJArnkSG91Z97kNX3prETGqmxhsoX4zhvQtu3qxWG2gcRWkk54ItsgkAUXcyc-Fpp7Msl9eOJ9qgdAsxwYruowdPjktrT7uyFHjoWETT_t3EoDhhzVBW2xBB7MUOimaNAjFXhddV7TuR2yOhOt-2UriB2ZnCQsxxn0ynB5xirlXQE0VdtMPrM58dcnsy2xDSaqJ2iNRepRPqr6PaHJleoH6okbGM92dP28SmZsgb7CTN9vpwuLprErNiigtEPrJBJce45jneOn71J8OJfqS-CrOQIztJVIaD8Niyp3tsqhsvXOVCU_lfBmAESqBHDeQb4HOOzqiJlTMQgO57_l5yiiRZMe43rCwMnOVzNRxPqsUg1xRbkVVUXlCN7yFJZap-m-GCcRawz0JcAFebXwmZ2SlJKZEqiNWv3EVM-zxbVrz5SVwkf4cLHrm0jBUh0NYioTabDvsRJRhs_92oHW8Kpq2dnQdG8fyJZF1jWRMev3tbDf__I_t7kRcw5vJMRrOENk8IK6AvIaiEO30ij7wNdI3kaJ5JDo7U0CMCmSPksG-pI0063UhIbWR17wHlzxhWPgc3Ay5ntTGhvB3cyrNrGA_jZqvAPLdq6a5P5m8dsd-sKmatPUJwwdNiFnT2XwWmc-8f7i1qfT0R0a155ljEaGSLUYp0ZVjQChiN9cTrrCTrDt84Nkhz5Z1mDE21VO6RqGvrQFbHgzvsW0JCwYOIPLDv26a1W13ybPv62PNUmIh3sHnpLKTOv6tWASerRHoK5jddnfzY6VSHC_UgbytKEvxXETte5opx3qu6zG9ACkDIKTPhaxLvLOMTTJHF8LpD-MMq-pXPDUVlMnjkQPA1FcHdg2eIVLpRP4lt8UJEPYvLLKccNWgb9daiUQ5wUArpW5uPqHvZqDv_BFJ91C6lw3xyT3RQv2-qGDLn-KcZCX7GsRjJH_9_kibqNAZjx_ZOce-FMHJ6dtsuhYcBSIDBgOOiCPB7ai_IWweFftb-oT_hW6kkAmZjYr0mpFPU-9kC3Lk6Uw-VyFnng4l7-kIg3-yRlXeXUHNPo7Rkhe6sBEYYnLTDKzHxeH4200YG7kmjneuMOSCYOHy_HJKd9EyrWN0lluoza2VjnJsRIp05DRNZP_NNgCl3JfgezNdop1mW_DXlmS9p3u3anTRma3thDAr0NnoWPI2RndalZ0Arj9fCOLMYp_052gVvpObYemhVieKwiSbqyFyEyh1to6kV0ub3jLnA98uODTxo7LrGEnjv_fUOxQjpV5XGSCXr0zbbZcrOrgkMRNeVnZj93PpFlZEp_j_2kbDr3sxdOsSClEM_Uhwm3YkEjbhTZowaFcBKVeLedNzk380wFm80_Eru__Xv_6TJZQ66cpC5GjjU9z4gxdafDtyaqWHIrjF7ZavjClWmnwvrpNYWWo_-HcS00N35xje6fWcrl_aOKJjSuy5mQHOriPNNufWnoI_HGoPySt9Fm2uiyC2OUp4KIBNqrlj68DRc04shItIDr8cWs6gcVU1yBsOtd42l22ZJTqzphC1pOgega8i9e2Gy7Wp7URGXaW-8UpktBz3HaJjfrb3oM2Fx77qF3mU14DPDSNR5yioVZhg4MWp7A1GhvytbveERTJK3TTKTWyHenHE4ujEBH_OXX6_ZbJELd58VMc8Xf0kzfbmC7xstgmCGLwS-jUu3bOHXfC57iBPnfLOJ5yy6sQsR0fRX82ZWf42BxHGjZz1jiJ6fL3MSIt6YhkWGWsJ1SM-QBB7fZ7MavRtOaW-dJOOTrI-OqTrh-oyJhDvuGp1isSUQXXYSF-eTAlRc2mlCwKgr5hP2MwXYU6kFA6bkr9-IR0bIdRPUMAqJa9xQVh7WhoHEZaJpBrFXpR_OQi0YwcI_HaeSHYU-fGoXCMjmls4t3HP92sp8UG5ilxSBpgsVEpJnoGaiEumak8ERpLuSFNE08gvZIdw4yXFIVpJqXerdWU1iyouIEnefvv3eiJq5XDIYAF6VbgpT5i04tdz3bZIZftbl5ybTa66oODI8aUYVrNPZcAWtq45DhHX1HRM0a5aELLEdw6MGtAIvbotq84zZWSSyPpHc0hx9EZ5OfAriXYXrnt4l8NUIQvOSNRbI3STntKXnLnuq48Ap-GOsmNxzb-BMMYo6V063kk698nVYIBYE0Qw-wuBlZBT5b08RN9ILo0sq2kXXzKZeVI8UBXdAzLpuaHJ6X0iL6uNC7d_Vryz6LyIQu4BjtDKztFeTq3DqSJEWGj5RBD3ovxq5TVP_kcpPYDkGKs_s_XqGIrhA1VWj-vUGTzpqWCWb3AenbZi2K39dCUtuMb5kyspI1rLgY_V2mRtUwhAEwlAMZS6r7lgh2K9yrOH6r4s0DUr4oZwT07_eJfgpZ1a9qIO02A10Q2PMpFYBx51eOZnyXhMLHivjI0psJxDqI2PaTPvALDrrIiVNNRSxxXdvJjrD-M0VSxqU1WczR1PkUBdNbVpg-ouoYO_c&cid=CAASEuRoII0T1VRAY9rA_fKh0LenFA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
7d4cb9017609e393b60d95eae88c62982b5302da28f6471f6703f40faa6cae08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33913
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B303 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bwlvqc8xTejvNyvCYxnqf5UfdUDDLZRxlP3ep_IUgntO6RdtxUal27G-lrHxWP1Fl-_mTWo4mgirSwm0L-asJ2fnQiU0VTcvHPZs8IQ-bKh1RK_O0
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B303 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 16:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 16:07:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B303 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 21:45:41 GMT
l
www.google.com/ads/measurement/ Frame B303 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1-ckoqOlmh9IfS7I4HoQbQN7RM1Yon9zBvJbXGhE66KanMsz86XxUVHFqAJc6h0d0Vt7HWuEDk_rHjuqvG7snJMC2nw
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B303 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 21:58:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2767 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
25605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:51:41 GMT
expires
Wed, 23 Aug 2023 14:51:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8622 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
9227a2b727a56bbb844d5a0ff597900247d31c99915ec4575e5def9d05b53a02
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W3XbnyheFNfcopfUWn6hBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-W3XbnyheFNfcopfUWn6hBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
expires
Tue, 23 Aug 2022 21:58:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame B530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUrl3EKGB2M6KgDhKlnXs1vYU8t9ljSygZPlQ1Pd615aBlFLdg6ilXI_WLEze_EDfUbh13MrC6HYpmAEUAgHTn4kKlXjg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f71c110b1ea94d-SYD
pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7phPE9PMGuMR%2BgXaNIe800HIVrBNQMHxqADy%2FKarxWr5jrLsGo09TVnszi67Rz01QWMnvtUU2lnlcyKQKNLN59x5OouyDc9KogTKjyFqk988sSeoujOaIC08gzoZoqaXywn0M%2FdwRVvCpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B530
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwVNgsAPPFP6JIPwNgPsQgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUrl3EKGB2M6KgDhKlnXs1vYU8t9ljSygZPlQ1Pd615aBlFLdg6ilXI_WLEze_EDfUbh13MrC6HYpmAEUAgHTn4kKlXjg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f71c15cf6da94d-SYD
pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czeBJ%2Baj9qhxwRZQ%2FUdjrATmkMZQiaLVXVZm41Y1e%2Fzs6K%2BYAsHtlG3zGvyS8VnHqvnrcJ7O0UNMkGxwyTPEH35Q4eBB%2BsqP05pEC1f8y0EXSeaku17TcOFLK7LohLE1Evzj2gOa%2B8Oy3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdugrFtYYBLP8xhT0tuw-c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKWOJIBLzC-BTLjS-ndmNb8&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKWOJIBLzC-BTLjS-ndmNb8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUrl3EKGB2M6KgDhKlnXs1vYU8t9ljSygZPlQ1Pd615aBlFLdg6ilXI_WLEze_EDfUbh13MrC6HYpmAEUAgHTn4kKlXjg
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 21:58:26 GMT
X-Proxy-Origin
173.245.209.166; 173.245.209.166; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0439b1a1-1772-4c22-8cfb-54525acbaf82
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKWOJIBLzC-BTLjS-ndmNb8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B530
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2MTkyMjYwNTc4OTA4ODQ0OA%3D%3D
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2MTkyMjYwNTc4OTA4ODQ0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUrl3EKGB2M6KgDhKlnXs1vYU8t9ljSygZPlQ1Pd615aBlFLdg6ilXI_WLEze_EDfUbh13MrC6HYpmAEUAgHTn4kKlXjg
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 21:58:26 GMT
X-Proxy-Origin
173.245.209.166; 173.245.209.166; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
28b668e2-962d-4fc6-9b2f-f69bb66c11a7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE2MTkyMjYwNTc4OTA4ODQ0OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 526C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
25605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:51:41 GMT
expires
Wed, 23 Aug 2023 14:51:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C435 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
9b91a37ebcc7205e8252d128dd440c93a14ea1b2b70ebfa7cecf10e915b24550
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5Y_DRClGVRK8aQAq3p_vtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-5Y_DRClGVRK8aQAq3p_vtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
expires
Tue, 23 Aug 2022 21:58:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4263 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
Origin
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 08:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 08:23:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 4263 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An-Bonpk_07SatTTts1PSNpUdWE7_e7ruGmtlDetdxaq9NuXNiY3TOYAGhMEEnVm7Y0T409DrXH_RJYdn2kYqAOj8hiA&cry=1&dbm_d=AKAmf-D_mexhMvIDHdn9ZVXDLJK5D_Ih4JvNGkeM8r4B6C_neR2s4AR4nSrlYzE-PyATfEA5hWCRfAcDBnnReljvO4OBBE5MorWaSxG3mMqjzCh4MzAs4rGhHaB0-rQ7FjMA8ZygQko_JtgSKKtfFyBPMMm14eoTAVS9VjsIYzeR1IKF2WtC701H_zXJZlrw1UcQozbem2HIhdz7jDOqXPMMeZxTWzKSC6HX45Jsa0UH_byGyO-IbT4u0UdCayNwHQavAh0xTA-fS7FSGysL2pynj3a1OhflN02_Heh88QvAuk1my1gLVyzZ4kK8FxLYLtrvUyOhiem06JSVYokBZ0WghyFwhHvK3XhDkgx5YbQBan96Lw7o0y6bo0ea-XFRCSlh_v6GEs6hFmzQLM17ak2uHFXRtp5mrKFVtilhmerYHU2GHXWpwva0weZuAVHsH8fw00UEEDgT4G5usDvApI4Rm1pux_UVkhteHfoKORY2NDnQdEh-PpnDPqvqza_mCmCG9Wmfc3W4zG2-3bPQhDFJHIJI1lgP4ShHKKRwAMd62-ftnYFwlEd27JgunB77S3EUmmAE08dT-ZXATGNhCRtB8d-wC55sI7_3SsLL-d_FSV9ZUkUm6Q515xzecA1hkUHza8E2o22IyIoqM17AgAuK5utIiRvxQsoDv_eYCuWzI4NuAHcjyU63zrR4VovyC_DoJtdLAGWJmGcBYdJeJZHet9ZDBQUGggD6tANAxLjZaWnNKPKAxqAszLV6p491MEAVcMiDFnjMvs1-NsZPWZtrULCXDSo-UGimg3aBdvJ1ZQvM5kan79IPhxB8d0CXxgu0qSSP6k3C7ybBKBJyc2nJ5pGxTKpjzfAnzmUWMo-ZvVCr5V2YidQH7Yp_V-R8grZJxUh86CbNDnVzswhbhUmRbOo_-kh1g7wTwAxLtwdfE-hIsKKABIttAH5Hduev5QxNXg8rPcCAejOTlZHOD0OiRi_EaPNy9HKFUNoYvbeV0CpUR0PGcOSuzjowsBsfzWw2EfToSdF3UKwuVDgji-EF6tt9L_YdZkAYoVKLuxt9wAJpLibZRd7c_d8MwtGKcT3vnBt3HpzsAPqao_-glh8GTXwN7Q-oCRb7EcoQP0o_BSxU_gSZY7ruGHItyMshfhGviL9njUEaJOFEhMYKQ9MQTWccDOEyqODtW-mB8s6k7xiteg9diPT52AYruvaMHvru7avUE5AzhIOpPlzP_cuN1hYQ8EE5qi7djA4Y5WE7jCGhl50Cs_Gv4_u4xAZpQe2ektn0c2MigLRUZlNLizcQHy28pq7R3mKpclmFWEQLeTbK2Gimkpjw95aTByn2CFhBPSsbB7bM8sSO2jggMCOTPKt_Y82fL8MfUxf1fnuT6fX0FoM-BHqnWS20hPQgTbueVZuJehfyRIsQxsz4Jff1S1DJjlAjYWLd9-ONAlHrE3fKHdIg868dt58kFCXVTdXqLe4wIDNbs2cxpY-631699e0iRVFO0Z7ZLO2C8kViHsNpq9vHXYzJrFxG-gbohW4dCW0UeJPOKF2PtOEl-XKffbr1jOdS4Gq7TnVzgtGOw8b6qy42zSzUPoIz73HzxvK16DXtyUXRKY4nWeUrggPapKlTLlClQn1Ql5wTpPe7GpNLbzpLmp2cmWlzLsVGtAwyDMXFNfJIAg5x4f31dszSSLCjUFPcY27oJ5kLoRL094GmDtFpycagpCso2RPv0TY-rFIabe4PMLqXph3Di4Ax73pQp8yOOPAAPGfyArXEteQPOy5IeMsAB0zHaih0oZPxw71wDtNjIS7eqgLOlYO3T6fKVe0ndZZQt0hajCbXrXSkKblGkg8kToqN0QMo5ErvMaWAjiHs9DmRTiifmBv8Z9Dt9rZN21kVEBv-AxA2R3vrOaCmMZeJY_hWdUuV1M0yAInyqpKCnRXwdYtnbATXml7onhH4s_qSCaJrFE1aPZZii-p5X00pkBwo7PWrEGoH7xYBDe9OHszQumNEenKiMZIaE0RK89jAAin42ua-48FVIjOnFe3SjokOsgUJafL9lztLksewbILNwc_z5l8kKeHRrXy3QMr5Y6Xf_2A9Gcn9qdl1apNsqknwkCKd6D91AF4E9a0l2WxGxstEOfk5yIhcn-5RdgHIyBvWF6dy11p5a2wjTrNP3uIdtKvybR1PgRRhbJqbW3XGcfVylTJFNZWl6QTAEvxUq_hBEaEdlrw_pKHNefqEwnRbUe23uxIBpsRkfDUrArSylzIU3fsoAB2X5rbXrzAGp_m8F-AHjhnWiu-O6PktC15A5NnCnFFkjVrMadG2pTJuShqgoypG7g6cglZjjhngMV8pjFjplC3Xpg3D67rZkPrjWLfQSF6_Tm3yenDwBerdLb0qK3yoUgBqCyy2bvy7NaGKuwSKXiBMAvKgMyk7e9xEqtW9wpiRN769A8IUkpKP2vimp7FAmThrzOdYk-Kq55ny9bqBbfJjzvGFBEScQFix2HyPR428UfM9muxpa_MtZhLhbV0p1FYKBcBow3bVf77RehcDgsB_rvP24L2k81s4D0lFmKGdJs47QKF4Tr1BnMKQIuNslfSB86c16T4KALbl8DdjJa6ShjMft5lVyDZR-aS4nJK-ob6WBvV_rsRjvtdPz8pGWQuav1rFIZSewpKc4-PYhQA4jUy32slM3_GK1fP78qzGoNnXm0eziiLivfJ0vrOzulKq08dJbT-mO_lOUixFMuWbxCppCbODHe69RLoE8KrXfNDZmowfBm4y-2s2Y-dCgj029DUrmafH948xyz7slSF9c9-dCeH9hRGGstHiictN9l9jjux3OjDDmqzSNnBfBk48hOLRC_L7LX8sGqH4Vjbk72_hruiYyaQ3RxqFCd4OSb81MhjDmPzL_nw9RVLqGH_IHYzF5TEb37eS7Brvzrp_p5kXZS15oLQf09Zl-5QpWyI9UJ_EIT68OSSx-6nrp5UNb_fjJ69YaOGUzP4cxWZSBRELkmnqvXtgehFZIQnaiYshHLm2IsZen2-pivNeiAKFSlB6n9vFXrPa3nPO8Dg4PnP69rc&cid=CAASEuRowpkufxrHPxxP7NM4y6Ug4g&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:09:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 4263 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An-Bonpk_07SatTTts1PSNpUdWE7_e7ruGmtlDetdxaq9NuXNiY3TOYAGhMEEnVm7Y0T409DrXH_RJYdn2kYqAOj8hiA&cry=1&dbm_d=AKAmf-D_mexhMvIDHdn9ZVXDLJK5D_Ih4JvNGkeM8r4B6C_neR2s4AR4nSrlYzE-PyATfEA5hWCRfAcDBnnReljvO4OBBE5MorWaSxG3mMqjzCh4MzAs4rGhHaB0-rQ7FjMA8ZygQko_JtgSKKtfFyBPMMm14eoTAVS9VjsIYzeR1IKF2WtC701H_zXJZlrw1UcQozbem2HIhdz7jDOqXPMMeZxTWzKSC6HX45Jsa0UH_byGyO-IbT4u0UdCayNwHQavAh0xTA-fS7FSGysL2pynj3a1OhflN02_Heh88QvAuk1my1gLVyzZ4kK8FxLYLtrvUyOhiem06JSVYokBZ0WghyFwhHvK3XhDkgx5YbQBan96Lw7o0y6bo0ea-XFRCSlh_v6GEs6hFmzQLM17ak2uHFXRtp5mrKFVtilhmerYHU2GHXWpwva0weZuAVHsH8fw00UEEDgT4G5usDvApI4Rm1pux_UVkhteHfoKORY2NDnQdEh-PpnDPqvqza_mCmCG9Wmfc3W4zG2-3bPQhDFJHIJI1lgP4ShHKKRwAMd62-ftnYFwlEd27JgunB77S3EUmmAE08dT-ZXATGNhCRtB8d-wC55sI7_3SsLL-d_FSV9ZUkUm6Q515xzecA1hkUHza8E2o22IyIoqM17AgAuK5utIiRvxQsoDv_eYCuWzI4NuAHcjyU63zrR4VovyC_DoJtdLAGWJmGcBYdJeJZHet9ZDBQUGggD6tANAxLjZaWnNKPKAxqAszLV6p491MEAVcMiDFnjMvs1-NsZPWZtrULCXDSo-UGimg3aBdvJ1ZQvM5kan79IPhxB8d0CXxgu0qSSP6k3C7ybBKBJyc2nJ5pGxTKpjzfAnzmUWMo-ZvVCr5V2YidQH7Yp_V-R8grZJxUh86CbNDnVzswhbhUmRbOo_-kh1g7wTwAxLtwdfE-hIsKKABIttAH5Hduev5QxNXg8rPcCAejOTlZHOD0OiRi_EaPNy9HKFUNoYvbeV0CpUR0PGcOSuzjowsBsfzWw2EfToSdF3UKwuVDgji-EF6tt9L_YdZkAYoVKLuxt9wAJpLibZRd7c_d8MwtGKcT3vnBt3HpzsAPqao_-glh8GTXwN7Q-oCRb7EcoQP0o_BSxU_gSZY7ruGHItyMshfhGviL9njUEaJOFEhMYKQ9MQTWccDOEyqODtW-mB8s6k7xiteg9diPT52AYruvaMHvru7avUE5AzhIOpPlzP_cuN1hYQ8EE5qi7djA4Y5WE7jCGhl50Cs_Gv4_u4xAZpQe2ektn0c2MigLRUZlNLizcQHy28pq7R3mKpclmFWEQLeTbK2Gimkpjw95aTByn2CFhBPSsbB7bM8sSO2jggMCOTPKt_Y82fL8MfUxf1fnuT6fX0FoM-BHqnWS20hPQgTbueVZuJehfyRIsQxsz4Jff1S1DJjlAjYWLd9-ONAlHrE3fKHdIg868dt58kFCXVTdXqLe4wIDNbs2cxpY-631699e0iRVFO0Z7ZLO2C8kViHsNpq9vHXYzJrFxG-gbohW4dCW0UeJPOKF2PtOEl-XKffbr1jOdS4Gq7TnVzgtGOw8b6qy42zSzUPoIz73HzxvK16DXtyUXRKY4nWeUrggPapKlTLlClQn1Ql5wTpPe7GpNLbzpLmp2cmWlzLsVGtAwyDMXFNfJIAg5x4f31dszSSLCjUFPcY27oJ5kLoRL094GmDtFpycagpCso2RPv0TY-rFIabe4PMLqXph3Di4Ax73pQp8yOOPAAPGfyArXEteQPOy5IeMsAB0zHaih0oZPxw71wDtNjIS7eqgLOlYO3T6fKVe0ndZZQt0hajCbXrXSkKblGkg8kToqN0QMo5ErvMaWAjiHs9DmRTiifmBv8Z9Dt9rZN21kVEBv-AxA2R3vrOaCmMZeJY_hWdUuV1M0yAInyqpKCnRXwdYtnbATXml7onhH4s_qSCaJrFE1aPZZii-p5X00pkBwo7PWrEGoH7xYBDe9OHszQumNEenKiMZIaE0RK89jAAin42ua-48FVIjOnFe3SjokOsgUJafL9lztLksewbILNwc_z5l8kKeHRrXy3QMr5Y6Xf_2A9Gcn9qdl1apNsqknwkCKd6D91AF4E9a0l2WxGxstEOfk5yIhcn-5RdgHIyBvWF6dy11p5a2wjTrNP3uIdtKvybR1PgRRhbJqbW3XGcfVylTJFNZWl6QTAEvxUq_hBEaEdlrw_pKHNefqEwnRbUe23uxIBpsRkfDUrArSylzIU3fsoAB2X5rbXrzAGp_m8F-AHjhnWiu-O6PktC15A5NnCnFFkjVrMadG2pTJuShqgoypG7g6cglZjjhngMV8pjFjplC3Xpg3D67rZkPrjWLfQSF6_Tm3yenDwBerdLb0qK3yoUgBqCyy2bvy7NaGKuwSKXiBMAvKgMyk7e9xEqtW9wpiRN769A8IUkpKP2vimp7FAmThrzOdYk-Kq55ny9bqBbfJjzvGFBEScQFix2HyPR428UfM9muxpa_MtZhLhbV0p1FYKBcBow3bVf77RehcDgsB_rvP24L2k81s4D0lFmKGdJs47QKF4Tr1BnMKQIuNslfSB86c16T4KALbl8DdjJa6ShjMft5lVyDZR-aS4nJK-ob6WBvV_rsRjvtdPz8pGWQuav1rFIZSewpKc4-PYhQA4jUy32slM3_GK1fP78qzGoNnXm0eziiLivfJ0vrOzulKq08dJbT-mO_lOUixFMuWbxCppCbODHe69RLoE8KrXfNDZmowfBm4y-2s2Y-dCgj029DUrmafH948xyz7slSF9c9-dCeH9hRGGstHiictN9l9jjux3OjDDmqzSNnBfBk48hOLRC_L7LX8sGqH4Vjbk72_hruiYyaQ3RxqFCd4OSb81MhjDmPzL_nw9RVLqGH_IHYzF5TEb37eS7Brvzrp_p5kXZS15oLQf09Zl-5QpWyI9UJ_EIT68OSSx-6nrp5UNb_fjJ69YaOGUzP4cxWZSBRELkmnqvXtgehFZIQnaiYshHLm2IsZen2-pivNeiAKFSlB6n9vFXrPa3nPO8Dg4PnP69rc&cid=CAASEuRowpkufxrHPxxP7NM4y6Ug4g&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:29:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DD3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
25605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:51:41 GMT
expires
Wed, 23 Aug 2023 14:51:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE57 		783 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
1793538c3e3d2d33f923e9a24b02fe8747ed13c56f872794c3dcbaf905bec7f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hL0LHi5QMg_ggxa_Vr-Wgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-hL0LHi5QMg_ggxa_Vr-Wgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
expires
Tue, 23 Aug 2022 21:58:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
25605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:51:41 GMT
expires
Wed, 23 Aug 2023 14:51:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C7DD 		783 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
4110d6a21b733510be07a590d0e1d30b05d24f2d9e05fce0b345a40d1d883aba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R7h5_nYg5GG-JMihdeAknA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-R7h5_nYg5GG-JMihdeAknA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:26 GMT
expires
Tue, 23 Aug 2022 21:58:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame A881
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaEQHOuqaZw7dHE6ZSfdjs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaEQHOuqaZw7dHE6ZSfdjs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUPFKsUYcM9yZmyYSsRsr6E7VyFB5YaXWQphA1f5TQeGir9lN8d5aFsF6-wLRCAZaiuKIlTN5rN8oKSQj3uVZGuKJN5-A
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaEQHOuqaZw7dHE6ZSfdjs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A881
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE3Y2VlNzAtMWNhYi0yODU1LWRhZDMtNzk0N2M3M2M1ZDdi
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE3Y2VlNzAtMWNhYi0yODU1LWRhZDMtNzk0N2M3M2M1ZDdi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUPFKsUYcM9yZmyYSsRsr6E7VyFB5YaXWQphA1f5TQeGir9lN8d5aFsF6-wLRCAZaiuKIlTN5rN8oKSQj3uVZGuKJN5-A
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE3Y2VlNzAtMWNhYi0yODU1LWRhZDMtNzk0N2M3M2M1ZDdi
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame A881
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGVsGxXrphLBAfYTiiJlsYM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGVsGxXrphLBAfYTiiJlsYM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUPFKsUYcM9yZmyYSsRsr6E7VyFB5YaXWQphA1f5TQeGir9lN8d5aFsF6-wLRCAZaiuKIlTN5rN8oKSQj3uVZGuKJN5-A
Protocol
H2
Server
23.54.57.83 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 23 Aug 2022 21:58:27 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEGVsGxXrphLBAfYTiiJlsYM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A881
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQzNzNiZGMtODkwYi00NzlmLTljZmItNTYyY2JmMjBiZDUw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQzNzNiZGMtODkwYi00NzlmLTljZmItNTYyY2JmMjBiZDUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzRtQIQxZ7VAhiTzKfPATAB&v=APEucNUPFKsUYcM9yZmyYSsRsr6E7VyFB5YaXWQphA1f5TQeGir9lN8d5aFsF6-wLRCAZaiuKIlTN5rN8oKSQj3uVZGuKJN5-A
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQzNzNiZGMtODkwYi00NzlmLTljZmItNTYyY2JmMjBiZDUw
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Tue, 23 Aug 2022 21:58:27 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B303 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
Origin
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 08:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 08:23:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame B303 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_0rGbQiQSpDr_X8pyvV8fthhbPC2XPqzTCFAqUXn2NFR1pcxKTl5WcPe1YDtPtssYWZPo-sjl4sfla4UYdnZrOGzbbQ&cry=1&dbm_d=AKAmf-Arszjx0JUMrtm63A4zZS0sRTBgCKbSYsT328paB-ZjMPlfTQuW-F_tM5zQKpoCqvJsIFbvZ6A_cagcGYCUEcZmuaUedIVuAapWI6tc3rSo49J0eNKOsLVk4tXnwwDx4QkONEq6NEwim2EngxyWHSCvoCC4O5nx0FCkItIJ3nWte7mMqX3JBipb9PByrOQFVfGcSBJJYdbkRig6A81lZ94k5Y81Hn-wFJdc4O1LeAgxDx9uAnmWTO4OTcBSRAF_nl4UGnatf-Mu6GSoTM9CfXy21oNKauszbd_BpEUXAb-cSHHnfuE-gpX4I0OsFPFccgoeyi1XPqy2oo12LjbMHSYEvjM7y0Vo6kiX_MqVEwViqEksfUcV2nYVFtw3oCwI-8SJPfEdChvs3V-GPdFiTauusovMAYnBt_Y78nf66KUegvcpnf6H04smKHEV8P3Ue29C9m-CoHnRWv9Q9E28OsFG0jurdmlwAIODWiFYQ4F_TAPHvzxYyTsE7enMAAP6qwtwlIpq37-YWE2H45SFQZr1GWn5WxbSWXqu80pzS3qqDaW-KL23DPhSXlUKJArnkSG91Z97kNX3prETGqmxhsoX4zhvQtu3qxWG2gcRWkk54ItsgkAUXcyc-Fpp7Msl9eOJ9qgdAsxwYruowdPjktrT7uyFHjoWETT_t3EoDhhzVBW2xBB7MUOimaNAjFXhddV7TuR2yOhOt-2UriB2ZnCQsxxn0ynB5xirlXQE0VdtMPrM58dcnsy2xDSaqJ2iNRepRPqr6PaHJleoH6okbGM92dP28SmZsgb7CTN9vpwuLprErNiigtEPrJBJce45jneOn71J8OJfqS-CrOQIztJVIaD8Niyp3tsqhsvXOVCU_lfBmAESqBHDeQb4HOOzqiJlTMQgO57_l5yiiRZMe43rCwMnOVzNRxPqsUg1xRbkVVUXlCN7yFJZap-m-GCcRawz0JcAFebXwmZ2SlJKZEqiNWv3EVM-zxbVrz5SVwkf4cLHrm0jBUh0NYioTabDvsRJRhs_92oHW8Kpq2dnQdG8fyJZF1jWRMev3tbDf__I_t7kRcw5vJMRrOENk8IK6AvIaiEO30ij7wNdI3kaJ5JDo7U0CMCmSPksG-pI0063UhIbWR17wHlzxhWPgc3Ay5ntTGhvB3cyrNrGA_jZqvAPLdq6a5P5m8dsd-sKmatPUJwwdNiFnT2XwWmc-8f7i1qfT0R0a155ljEaGSLUYp0ZVjQChiN9cTrrCTrDt84Nkhz5Z1mDE21VO6RqGvrQFbHgzvsW0JCwYOIPLDv26a1W13ybPv62PNUmIh3sHnpLKTOv6tWASerRHoK5jddnfzY6VSHC_UgbytKEvxXETte5opx3qu6zG9ACkDIKTPhaxLvLOMTTJHF8LpD-MMq-pXPDUVlMnjkQPA1FcHdg2eIVLpRP4lt8UJEPYvLLKccNWgb9daiUQ5wUArpW5uPqHvZqDv_BFJ91C6lw3xyT3RQv2-qGDLn-KcZCX7GsRjJH_9_kibqNAZjx_ZOce-FMHJ6dtsuhYcBSIDBgOOiCPB7ai_IWweFftb-oT_hW6kkAmZjYr0mpFPU-9kC3Lk6Uw-VyFnng4l7-kIg3-yRlXeXUHNPo7Rkhe6sBEYYnLTDKzHxeH4200YG7kmjneuMOSCYOHy_HJKd9EyrWN0lluoza2VjnJsRIp05DRNZP_NNgCl3JfgezNdop1mW_DXlmS9p3u3anTRma3thDAr0NnoWPI2RndalZ0Arj9fCOLMYp_052gVvpObYemhVieKwiSbqyFyEyh1to6kV0ub3jLnA98uODTxo7LrGEnjv_fUOxQjpV5XGSCXr0zbbZcrOrgkMRNeVnZj93PpFlZEp_j_2kbDr3sxdOsSClEM_Uhwm3YkEjbhTZowaFcBKVeLedNzk380wFm80_Eru__Xv_6TJZQ66cpC5GjjU9z4gxdafDtyaqWHIrjF7ZavjClWmnwvrpNYWWo_-HcS00N35xje6fWcrl_aOKJjSuy5mQHOriPNNufWnoI_HGoPySt9Fm2uiyC2OUp4KIBNqrlj68DRc04shItIDr8cWs6gcVU1yBsOtd42l22ZJTqzphC1pOgega8i9e2Gy7Wp7URGXaW-8UpktBz3HaJjfrb3oM2Fx77qF3mU14DPDSNR5yioVZhg4MWp7A1GhvytbveERTJK3TTKTWyHenHE4ujEBH_OXX6_ZbJELd58VMc8Xf0kzfbmC7xstgmCGLwS-jUu3bOHXfC57iBPnfLOJ5yy6sQsR0fRX82ZWf42BxHGjZz1jiJ6fL3MSIt6YhkWGWsJ1SM-QBB7fZ7MavRtOaW-dJOOTrI-OqTrh-oyJhDvuGp1isSUQXXYSF-eTAlRc2mlCwKgr5hP2MwXYU6kFA6bkr9-IR0bIdRPUMAqJa9xQVh7WhoHEZaJpBrFXpR_OQi0YwcI_HaeSHYU-fGoXCMjmls4t3HP92sp8UG5ilxSBpgsVEpJnoGaiEumak8ERpLuSFNE08gvZIdw4yXFIVpJqXerdWU1iyouIEnefvv3eiJq5XDIYAF6VbgpT5i04tdz3bZIZftbl5ybTa66oODI8aUYVrNPZcAWtq45DhHX1HRM0a5aELLEdw6MGtAIvbotq84zZWSSyPpHc0hx9EZ5OfAriXYXrnt4l8NUIQvOSNRbI3STntKXnLnuq48Ap-GOsmNxzb-BMMYo6V063kk698nVYIBYE0Qw-wuBlZBT5b08RN9ILo0sq2kXXzKZeVI8UBXdAzLpuaHJ6X0iL6uNC7d_Vryz6LyIQu4BjtDKztFeTq3DqSJEWGj5RBD3ovxq5TVP_kcpPYDkGKs_s_XqGIrhA1VWj-vUGTzpqWCWb3AenbZi2K39dCUtuMb5kyspI1rLgY_V2mRtUwhAEwlAMZS6r7lgh2K9yrOH6r4s0DUr4oZwT07_eJfgpZ1a9qIO02A10Q2PMpFYBx51eOZnyXhMLHivjI0psJxDqI2PaTPvALDrrIiVNNRSxxXdvJjrD-M0VSxqU1WczR1PkUBdNbVpg-ouoYO_c&cid=CAASEuRoII0T1VRAY9rA_fKh0LenFA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:09:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame B303 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_0rGbQiQSpDr_X8pyvV8fthhbPC2XPqzTCFAqUXn2NFR1pcxKTl5WcPe1YDtPtssYWZPo-sjl4sfla4UYdnZrOGzbbQ&cry=1&dbm_d=AKAmf-Arszjx0JUMrtm63A4zZS0sRTBgCKbSYsT328paB-ZjMPlfTQuW-F_tM5zQKpoCqvJsIFbvZ6A_cagcGYCUEcZmuaUedIVuAapWI6tc3rSo49J0eNKOsLVk4tXnwwDx4QkONEq6NEwim2EngxyWHSCvoCC4O5nx0FCkItIJ3nWte7mMqX3JBipb9PByrOQFVfGcSBJJYdbkRig6A81lZ94k5Y81Hn-wFJdc4O1LeAgxDx9uAnmWTO4OTcBSRAF_nl4UGnatf-Mu6GSoTM9CfXy21oNKauszbd_BpEUXAb-cSHHnfuE-gpX4I0OsFPFccgoeyi1XPqy2oo12LjbMHSYEvjM7y0Vo6kiX_MqVEwViqEksfUcV2nYVFtw3oCwI-8SJPfEdChvs3V-GPdFiTauusovMAYnBt_Y78nf66KUegvcpnf6H04smKHEV8P3Ue29C9m-CoHnRWv9Q9E28OsFG0jurdmlwAIODWiFYQ4F_TAPHvzxYyTsE7enMAAP6qwtwlIpq37-YWE2H45SFQZr1GWn5WxbSWXqu80pzS3qqDaW-KL23DPhSXlUKJArnkSG91Z97kNX3prETGqmxhsoX4zhvQtu3qxWG2gcRWkk54ItsgkAUXcyc-Fpp7Msl9eOJ9qgdAsxwYruowdPjktrT7uyFHjoWETT_t3EoDhhzVBW2xBB7MUOimaNAjFXhddV7TuR2yOhOt-2UriB2ZnCQsxxn0ynB5xirlXQE0VdtMPrM58dcnsy2xDSaqJ2iNRepRPqr6PaHJleoH6okbGM92dP28SmZsgb7CTN9vpwuLprErNiigtEPrJBJce45jneOn71J8OJfqS-CrOQIztJVIaD8Niyp3tsqhsvXOVCU_lfBmAESqBHDeQb4HOOzqiJlTMQgO57_l5yiiRZMe43rCwMnOVzNRxPqsUg1xRbkVVUXlCN7yFJZap-m-GCcRawz0JcAFebXwmZ2SlJKZEqiNWv3EVM-zxbVrz5SVwkf4cLHrm0jBUh0NYioTabDvsRJRhs_92oHW8Kpq2dnQdG8fyJZF1jWRMev3tbDf__I_t7kRcw5vJMRrOENk8IK6AvIaiEO30ij7wNdI3kaJ5JDo7U0CMCmSPksG-pI0063UhIbWR17wHlzxhWPgc3Ay5ntTGhvB3cyrNrGA_jZqvAPLdq6a5P5m8dsd-sKmatPUJwwdNiFnT2XwWmc-8f7i1qfT0R0a155ljEaGSLUYp0ZVjQChiN9cTrrCTrDt84Nkhz5Z1mDE21VO6RqGvrQFbHgzvsW0JCwYOIPLDv26a1W13ybPv62PNUmIh3sHnpLKTOv6tWASerRHoK5jddnfzY6VSHC_UgbytKEvxXETte5opx3qu6zG9ACkDIKTPhaxLvLOMTTJHF8LpD-MMq-pXPDUVlMnjkQPA1FcHdg2eIVLpRP4lt8UJEPYvLLKccNWgb9daiUQ5wUArpW5uPqHvZqDv_BFJ91C6lw3xyT3RQv2-qGDLn-KcZCX7GsRjJH_9_kibqNAZjx_ZOce-FMHJ6dtsuhYcBSIDBgOOiCPB7ai_IWweFftb-oT_hW6kkAmZjYr0mpFPU-9kC3Lk6Uw-VyFnng4l7-kIg3-yRlXeXUHNPo7Rkhe6sBEYYnLTDKzHxeH4200YG7kmjneuMOSCYOHy_HJKd9EyrWN0lluoza2VjnJsRIp05DRNZP_NNgCl3JfgezNdop1mW_DXlmS9p3u3anTRma3thDAr0NnoWPI2RndalZ0Arj9fCOLMYp_052gVvpObYemhVieKwiSbqyFyEyh1to6kV0ub3jLnA98uODTxo7LrGEnjv_fUOxQjpV5XGSCXr0zbbZcrOrgkMRNeVnZj93PpFlZEp_j_2kbDr3sxdOsSClEM_Uhwm3YkEjbhTZowaFcBKVeLedNzk380wFm80_Eru__Xv_6TJZQ66cpC5GjjU9z4gxdafDtyaqWHIrjF7ZavjClWmnwvrpNYWWo_-HcS00N35xje6fWcrl_aOKJjSuy5mQHOriPNNufWnoI_HGoPySt9Fm2uiyC2OUp4KIBNqrlj68DRc04shItIDr8cWs6gcVU1yBsOtd42l22ZJTqzphC1pOgega8i9e2Gy7Wp7URGXaW-8UpktBz3HaJjfrb3oM2Fx77qF3mU14DPDSNR5yioVZhg4MWp7A1GhvytbveERTJK3TTKTWyHenHE4ujEBH_OXX6_ZbJELd58VMc8Xf0kzfbmC7xstgmCGLwS-jUu3bOHXfC57iBPnfLOJ5yy6sQsR0fRX82ZWf42BxHGjZz1jiJ6fL3MSIt6YhkWGWsJ1SM-QBB7fZ7MavRtOaW-dJOOTrI-OqTrh-oyJhDvuGp1isSUQXXYSF-eTAlRc2mlCwKgr5hP2MwXYU6kFA6bkr9-IR0bIdRPUMAqJa9xQVh7WhoHEZaJpBrFXpR_OQi0YwcI_HaeSHYU-fGoXCMjmls4t3HP92sp8UG5ilxSBpgsVEpJnoGaiEumak8ERpLuSFNE08gvZIdw4yXFIVpJqXerdWU1iyouIEnefvv3eiJq5XDIYAF6VbgpT5i04tdz3bZIZftbl5ybTa66oODI8aUYVrNPZcAWtq45DhHX1HRM0a5aELLEdw6MGtAIvbotq84zZWSSyPpHc0hx9EZ5OfAriXYXrnt4l8NUIQvOSNRbI3STntKXnLnuq48Ap-GOsmNxzb-BMMYo6V063kk698nVYIBYE0Qw-wuBlZBT5b08RN9ILo0sq2kXXzKZeVI8UBXdAzLpuaHJ6X0iL6uNC7d_Vryz6LyIQu4BjtDKztFeTq3DqSJEWGj5RBD3ovxq5TVP_kcpPYDkGKs_s_XqGIrhA1VWj-vUGTzpqWCWb3AenbZi2K39dCUtuMb5kyspI1rLgY_V2mRtUwhAEwlAMZS6r7lgh2K9yrOH6r4s0DUr4oZwT07_eJfgpZ1a9qIO02A10Q2PMpFYBx51eOZnyXhMLHivjI0psJxDqI2PaTPvALDrrIiVNNRSxxXdvJjrD-M0VSxqU1WczR1PkUBdNbVpg-ouoYO_c&cid=CAASEuRoII0T1VRAY9rA_fKh0LenFA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 17:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:29:21 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
74154c7ad18c0064c7e850437c444e715bc45e0c95111dd1f5a03d8009c806ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73101
x-xss-protection
0
expires
Tue, 23 Aug 2022 21:58:26 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9odWkteGluLWxpYW5nLWxpYW8tdGlhbi1sb25nLWJhLWJ1LXF1YW4tZnUtZGkteWktdGlhbi1sb25nLWxhLWZlbmctZ2Utc2h1LXhpbmctcHUtZ3VhbmcuaHRtbCIsInRpbWUiOjE2NjEyOTE5MDYzMDZ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
server
nginx/1.14.0 (Ubuntu)
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4263 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 15:07:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 487F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
59882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:20:24 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:20:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4263 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00384a0b28ad14f0084a3017711ea0ae568a5a8d3230b98d018cb51621d75d2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 78F7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 0D78 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C435 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=125025847797590&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8622 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=4093100677068217&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A5E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=946716645085743&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B303 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 15:07:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 640F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
59882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:20:24 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:20:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7990 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=636912055933681&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame AE57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=1485909513997323&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C7DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=3748902789826819&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHciA4YWhjmbDkplYlRHaOE&google_push=AehlK4ACN8rOFAzQ0vvEdj34psXY7JftDDUdafRzVDKO4aN84OJ6UHz_Xo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHciA4YWhjmbDkplYlRHaOE&google_push=AehlK4ACN8rOFAzQ0vvEdj34psXY7JftDDUdafRzVDKO4aN84OJ6UHz_XobGSAflK8xd5Y0IiSHJZWcKwuorakMXmc6OM187-aiBEVe1cGrjI1_1F_tJADTV3LynZOHVnncxdDFyv2cuXrLf
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1661291907.813674,VS0,VE215
x-served-by
cache-syd10177-SYD
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHciA4YWhjmbDkplYlRHaOE&google_push=AehlK4ACN8rOFAzQ0vvEdj34psXY7JftDDUdafRzVDKO4aN84OJ6UHz_XobGSAflK8xd5Y0IiSHJZWcKwuorakMXmc6OM187-aiBEVe1cGrjI1_1F_tJADTV3LynZOHVnncxdDFyv2cuXrLf
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIab4vA01WskVyk-7LZmOnw&google_cver=1&google_push=AehlK4CGWIcxGwMo5wEkxquUghrheaXT5cECS6OKd_598dLu81G7lhLo4YEq38-Vinm4KTSjCp3zw...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4CGWIcxGwMo5wEkxquUghrheaXT5cECS6OKd_598dLu81G7lhLo4YEq38-Vinm4KTSjCp3zwe0ZVIgQEQh4sIpCmLJnAcPsShS_IIFO0A3y2qitF_Tlp5aP8A9ajF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4CGWIcxGwMo5wEkxquUghrheaXT5cECS6OKd_598dLu81G7lhLo4YEq38-Vinm4KTSjCp3zwe0ZVIgQEQh4sIpCmLJnAcPsShS_IIFO0A3y2qitF_Tlp5aP8A9ajFuzprSjgWbCylkL
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 21:58:26 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 16EDBDEAC1BE497C9C9D557DFD2EEB9C Ref B: SYD03EDGE1614 Ref C: 2022-08-23T21:58:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4CGWIcxGwMo5wEkxquUghrheaXT5cECS6OKd_598dLu81G7lhLo4YEq38-Vinm4KTSjCp3zwe0ZVIgQEQh4sIpCmLJnAcPsShS_IIFO0A3y2qitF_Tlp5aP8A9ajFuzprSjgWbCylkL
x-li-proto
http/2
content-length
0
x-li-uuid
AAXm76n66hAMleNH7vYMUQ==
pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2XwvvhCG9l&g...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2Xwv...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2XwvvhCG9l&google_hm=AWlEEL3KeaB4ks8ADsWuCls51MA
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
via
1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BKouthynYlKPOiRsm0SB9o0iisb-TyAQL5JbyW0M3N-Qt9t_qshznK_2qK0aMdRBJQaHvCKpGJPydE6YY5-fo-t_GHZFlJntMgVXAl_MrYmhIa-VilPBwBRHh9uzDCdi2XwvvhCG9l&google_hm=AWlEEL3KeaB4ks8ADsWuCls51MA
cache-control
no-cache
content-length
0
x-amz-cf-id
bM5d5qCRPlCJ1hAtefkaH3BgKwpnOizOi4c1f63J17rvkKv8qUWltw==
expires
-1
dot.gif
s0.2mdn.net/ Frame 487F 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEA9mZLpJpphNaVowf4zxf78&google_cver=1&google_push=AehlK4DQQV3OBGEwBE549C9RteL2raGd0saL4euhUYO4TR9rJ0ovf99y2QUtpEmbxSGXtBsuODPWku1W1B2VmtvRhoy3FtfcXt-qURbyMCLpfZ8EYRnSbbyc7sGS6vmjDn8YB7vjATDg5wYu
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 21:58:27 GMT
pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIlRx4KreNDZSJeZVrfzf9A&google_cver=1&google_push=AehlK4Cosx2SM31HT53h-MrQt3jAqD70uvxBMULBWaiBQ1rOzpBf5lqpYHHAXxVSzmOR2siJlSNCjgjlsh0uA8H1EY...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4MjIwODM0MzQyMDczMTIxMQ&google_push=AehlK4Cosx2SM31HT53h-MrQt3jAqD70uvxBMULBWaiBQ1rOzpBf5lqpYHHAXxVSzmOR2siJlSNCjgjlsh0uA8H1EYOGP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4MjIwODM0MzQyMDczMTIxMQ&google_push=AehlK4Cosx2SM31HT53h-MrQt3jAqD70uvxBMULBWaiBQ1rOzpBf5lqpYHHAXxVSzmOR2siJlSNCjgjlsh0uA8H1EYOGP9Uihau0mwaP8cc_dQwCtgR0eluGEYrQq9tO1deBfIDMj--8gFry
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4MjIwODM0MzQyMDczMTIxMQ&google_push=AehlK4Cosx2SM31HT53h-MrQt3jAqD70uvxBMULBWaiBQ1rOzpBf5lqpYHHAXxVSzmOR2siJlSNCjgjlsh0uA8H1EYOGP9Uihau0mwaP8cc_dQwCtgR0eluGEYrQq9tO1deBfIDMj--8gFry
Date
Tue, 23 Aug 2022 21:58:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELGX0i5Tr8Gmwkrhxr8Tofg&google_cver=1&google_push=AehlK4AYkCdxUuP0zCS5G5I5WsKOicGcGnYMOek2pdgAUR17i5UiPn4ukfj9WqmMKUtTFQnUfjeBGiAhP0uAF6m5...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4AYkCdxUuP0zCS5G5I5WsKOicGcGnYMOek2pdgAUR17...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4AYkCdxUuP0zCS5G5I5WsKOicGcGnYMOek2pdgAUR17i5UiPn4ukfj9WqmMKUtTFQnUfjeBGiAhP0uAF6m5qZz-qnej_gh6nUertwNl7_cd0gddzaXW3BN90qyeytqLTp_cVyrosQQ
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 21:58:27 GMT
via
1.1 58b09a46630ea2f6a75154a66e58b2e6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4AYkCdxUuP0zCS5G5I5WsKOicGcGnYMOek2pdgAUR17i5UiPn4ukfj9WqmMKUtTFQnUfjeBGiAhP0uAF6m5qZz-qnej_gh6nUertwNl7_cd0gddzaXW3BN90qyeytqLTp_cVyrosQQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
760mq5Ax340d5z9XIdxRCgzmLzD6ai5jYCBz43anV4uCQt1wHLHyYQ==
pub
cs.chocolateplatform.com/ Frame 487F 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEEyEN9y7JCPMJCRSqIPoWr8&google_cver=1&google_push=AehlK4ABuGTApf-bdYmD9RNGk55qZDcYZjBSncedlzm8FbSHqDCH4JpCMt-9NVmX3uyo5pxiio5SgAdQg7fzjoFyVRSu0JaBFS1BQ7BbB0o2hh-cz2Y2gbmiuURbnCudKJ0qaltxZKaqGw0d
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 -, , ASN (),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
server
Chocolate Cookie Sync Powered by Vdopia
attr
cm.g.doubleclick.net/pixel/ Frame 487F 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTdUv0q9HMtu4nRVt-dV7allVtPi2AqZE0X-ibmKg865rpSoP_05S775R8-LgwmE3944qC
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 01AF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 526C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 5DD3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 2767 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
truncated
/ Frame B303 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b2356a3a2ceca5e55a5546513a74f39641cb04fb004195efa2110055f1c7a85

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E507 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
20651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 16:14:15 GMT
expires
Wed, 23 Aug 2023 16:14:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 78F7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?E8hoYQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0D78 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_2pB0w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dpixel
cms.quantserve.com/ Frame 640F 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENkjYgx-UbLRIc57uHW8ycM&google_cver=1&google_push=AehlK4Cs5he-BigyNNcGeR1NsnDLMyZ52BnTfpLTXddj4wWUHg1BjIuq9Y86AH1V3ssJ6q21KBCDiBppRZKad0VIEeE1cwaSGl0SiQH5AYOu2DvnL_By-QcDHVWO7WAQzmA0MV5HRmeurxU
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
us.php
c.eu1.dyntrk.com/adx/ga/ Frame 640F
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENU3vzepk5TL5OBo5XtZoEo&google_cver=1&google_push=AehlK4DZkjo62O9R8HJCnGDD2j-jBQYHy5rfT9DyPdmgUaNipD27slcMOTjSlLjrmleOdUX95OClHTNCYx...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENU3vzepk5TL5OBo5XtZoEo&google_cver=1&google_push=AehlK4DZkjo62O9R8HJCnGDD2j-jBQYHy5rfT9DyPdmgUaNipD27slcMOTjSlLjrmleOdUX95OClHTNCYx...
0
0
pixel
cm.g.doubleclick.net/ Frame 640F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL3BPutYp642Y-Fftor7zeo&google_cver=1&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bcem5SBZv...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL3BPutYp642Y-Fftor7zeo&google_cver=1&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bce...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bcem5SBZv0YydRP_RV5buWW4--tAiYAR2nWvjKppEM7ubqm5h22...
0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 640F
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG9FFo8aJ1ZoPcyyEh8O4Bg&google_cver=1&google_push=AehlK4A0ZDSOrY_EYoiSg6npNn0BWjWKPuoF1yrPREEXfmwpb_BL3pceJ5saBN6G...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG9FFo8aJ1ZoPcyyEh8O4Bg&google_cver=1&google_push=AehlK4A0ZDSOrY_EYoiSg6npNn0BWjWKPuoF1yrPREEXfmwpb_BL3pceJ5saBN6G...
0
0
pixel
cm.g.doubleclick.net/ Frame 640F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELGX0i5Tr8Gmwkrhxr8Tofg&google_cver=1&google_push=AehlK4D-Sxwr2UdriOEsf5ntfUv6WabmPQ1M1rDaN5P1d_RZnpYgt0xJ4-EUVByjNrMEHqRLqSFTvyjK_vOvmrhG...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4D-Sxwr2UdriOEsf5ntfUv6WabmPQ1M1rDaN5P1d_RZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4D-Sxwr2UdriOEsf5ntfUv6WabmPQ1M1rDaN5P1d_RZnpYgt0xJ4-EUVByjNrMEHqRLqSFTvyjK_vOvmrhGoBEQ0LDwrhcAlfK-gmMKLDa3YK_7oaT0SMR_rIJ0_jn_s1GukzZ19j8
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 21:58:27 GMT
via
1.1 58b09a46630ea2f6a75154a66e58b2e6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=16cd5458&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4D-Sxwr2UdriOEsf5ntfUv6WabmPQ1M1rDaN5P1d_RZnpYgt0xJ4-EUVByjNrMEHqRLqSFTvyjK_vOvmrhGoBEQ0LDwrhcAlfK-gmMKLDa3YK_7oaT0SMR_rIJ0_jn_s1GukzZ19j8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
o01ivQ6I1TqtgWKVfoSAaKEPOEzLD1EHIU1Eyg5N0OVDEBnFpEWYmg==
pixel
cm.g.doubleclick.net/ Frame 640F
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENEVQTsvt4_wYZ9Nw1NrlQ8&google_cver=1&google_push=AehlK4DV1f-TxBY2SwDSuqC6xIMguY2tlymwmw6PAmQSbUCRcNFnNSLwJ8TwBpm3lxAVhl1GBR_vYPG9JGsy3mEaI_Xb...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4DV1f-TxBY2SwDSuqC6xIMguY2tlymwmw6PAmQSbUCRcNFnNSLwJ8TwBpm3lxAVhl1GBR_vYPG9JGsy3mEaI_XbQ-uWMNTiGltpK_4jJCQkdJpV7dRcSI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4DV1f-TxBY2SwDSuqC6xIMguY2tlymwmw6PAmQSbUCRcNFnNSLwJ8TwBpm3lxAVhl1GBR_vYPG9JGsy3mEaI_XbQ-uWMNTiGltpK_4jJCQkdJpV7dRcSIFVg-CK3guGEoloL0P3XAs
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4DV1f-TxBY2SwDSuqC6xIMguY2tlymwmw6PAmQSbUCRcNFnNSLwJ8TwBpm3lxAVhl1GBR_vYPG9JGsy3mEaI_XbQ-uWMNTiGltpK_4jJCQkdJpV7dRcSIFVg-CK3guGEoloL0P3XAs
date
Tue, 23 Aug 2022 21:58:27 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 640F
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEJ6gzLEa22di1UFfViXW3xA&google_cver=1&google_push=AehlK4CWseFjsZZ1Y09sec39npLrbekQmArFf_A3R0yvnFL_vegU-sIoZuzLCPtuB5h8GRoB1iuWGGHCFKtbd8dN6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CWseFjsZZ1Y09sec39npLrbekQmArFf_A3R0yvnFL_vegU-sIoZuzLCPtuB5h8GRoB1iuWGGHCFKtbd8dN64Ike5xGk41_Cj7ccWCpgxffaroYnbh77xl6ZyMs0v2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CWseFjsZZ1Y09sec39npLrbekQmArFf_A3R0yvnFL_vegU-sIoZuzLCPtuB5h8GRoB1iuWGGHCFKtbd8dN64Ike5xGk41_Cj7ccWCpgxffaroYnbh77xl6ZyMs0v2DuL4w0VikT5g&google_hm=AUhwijbgmUyqpWrNawWBt0s
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CWseFjsZZ1Y09sec39npLrbekQmArFf_A3R0yvnFL_vegU-sIoZuzLCPtuB5h8GRoB1iuWGGHCFKtbd8dN64Ike5xGk41_Cj7ccWCpgxffaroYnbh77xl6ZyMs0v2DuL4w0VikT5g&google_hm=AUhwijbgmUyqpWrNawWBt0s
Date
Tue, 23 Aug 2022 21:58:27 GMT
Server
Apache
Connection
keep-alive
Content-Length
274
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 640F 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeDgxaJAa_kUXAgCOmNUmEqtRffMJG5aeP2MpLGTk9b8UMktsUiF_tSCV5dxzrIDdaF0OX
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1CFA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
20651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 16:14:15 GMT
expires
Wed, 23 Aug 2023 16:14:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
banner.html
s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/ Frame E64E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
98b076f30999d12f9b01db9424289f82cc1a75d204ae0f9cbf2ad158a877bebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
374228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2164
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 14:01:19 GMT
expires
Sat, 19 Aug 2023 14:01:19 GMT
last-modified
Thu, 14 Jul 2022 23:41:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4263 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9kpumpEg_-LsNO2TWuxeH2pCEWrc2yYSVc_OwW3KfSrowjzz66eA0yczXq6siJgnRj6uD1AkCE-Qbr-NZPpweaH3VkRkmYG7-scgA_pIJazCmB2mQcqOfDk_Vmpyike9CsuM-DVbXhMK7qXFIdQTvPWpH3D-pbkzp1FU2OuBiD3S82QFdJb8heAKRNyUGHnKR6830ArKiDdwxs0x-3SD_pcsJ92HN-uo1DmTg0uSaTH8xD3YXKfWR3kaT_RvrYY10Ixe3C3Q90XZZQC9THGAZzbW-gl2u5y6jJqflHFAeQMIJ0U2FSp0tD5m3v7nj3ckNoAePqjkqx8CNRnMp0UzHKGwT6jPUYXQp1kqBN8GWiKJMTPVNSUyVg2E-7kHkrtiYn6P-8GfDckoE2FoYSAlNP69E3ERXKl_2rtkZ34laCCEfYitSLMnN6UvuAz1wtZF7fEcV8no5jaLYkPXfouJhKj9w90JBIdQFtBMXGObWZ6wKa7J4hpTNbvLr7rUdNGTnMLFNgnZTlp_7VEYn3CRwviPQP43NyXAYaKjnmPMTw1g5Wof7l8bKIfuMpzJ6BI7WxYyp31k-U5za9g0Ln-6tOVMNViwf6qnvvfCqo2vDX2SRuK4sIV_6ZlMMuu2_vWoTSklUcn0HH9ph-dBGhbA-IkfO_xWJDAo5S379GGaWVe-i783twCwPJDRUxkco73H_QWxjuu-3jA7ZnBbak58o3khUyDyefSlL_RmUn1gglTRGddpbdrJ-a064OuHzZohCIsduBV0HoymeVfbsjg4cwCeN8_fuuA8_UmD5Jt9KnwzcAd4plNnNdKbqt5grjMqYQJTFpVv5eqrdWJDYT9WdN4PfEFxG6xpZfzZ5q_n1ECqa_ewHd_Aznqo8KAHfGyyyDKgbKUN7WBUiC1wEvyzKpT2vRIbsfKDzDI8afAHiz_WvwIyXpwvKHD-kNz66Ng5JGu24_jJ83YLa0ZvMBYBpVEB-TJWiQ3yQPkxRCsDrP_EPKX3OFh2GqX66kAVCbdE0_oAMvstC54n9TQ_EqN7XxOyscvOswVimLRXBp3YEdBsVob4koI4YCXjWV1yysB_sQ7OdGlWR5eweGULYb-cqGNJ3Ny26McxIoWeIUXAXLI4Z3jYi-TNK6RkdyWiSi7Y6KJMo8HGPutN72lsOPVLrsAnVV6m_MjFOOzMOwZ1xzdmGnHGxGBByUYl0QJRzYqjqpTx-CFc_-J4glLqMax6L1R63QC7gYJ1_TA&sai=AMfl-YSjyutrfhKUAJmmIZRWgSIWzo3Hkcdql4NKksGJH2iqtjIEnnqtIXRQSY0sOp4XdnrZqcRHoaGNJE4YRR13mkgEjGI9F_Mv04olOUgRiFMij3RihgoLcv6mNUSxhSIaBAqMwBIS2AQquThZXFQnpXHPiWQZU3kAHo4Bq6AoL-QzeWb-8E66wg&sig=Cg0ArKJSzKC6x4tksHrfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=910&cbvp=1&cstd=906&cisv=r20220822.44095&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 23 Aug 2022 21:58:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame E507 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
banner.html
s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/ Frame E3C8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
98b076f30999d12f9b01db9424289f82cc1a75d204ae0f9cbf2ad158a877bebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
374228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2164
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 14:01:19 GMT
expires
Sat, 19 Aug 2023 14:01:19 GMT
last-modified
Thu, 14 Jul 2022 23:41:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B303 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxGWQsYm-jLuZnyizrDD6JFlTqGmUD9jFwaOHD424UQX1dOuIu1cg2V2czMKShGCzlPMVz9IOGRG71r2p1z7bZZcmFVjIapchJ5ETpSSXs17FfTTgLGoFTsfWyqsGQ4SNUPNzwg6z7BD_pPjqy_SfDl30-TjJF9SDKDLhcQftb_IC1f9GRFbwGu2IvNJ0I7arhlypYIv2QmuMYLvVuA36GKXnMcw4Oo-Vq5fVI4A66xlhNq8DCcLS0k1S6HDYQ6g3uVhWKAMGZ22CsuUX0fGBUYnCNMbv2eLKt0u9a0Mgu0i6HkYwALwMMR1YIgafmagm6ykfk6WuV5-xaYSpRvoRI6vrKocMItCUW0tcmanwXtAtcFdi7OM-esMGm8IddtwJ29vkWzYvpp-llJQ3CAFMiCFKFyGHx2uksFMycCH3Moox5blTBDf4F8oTsVLCSIYiEcrpnRtDwrqKnveCOLN5H9Mw--_JGJxYpst0B8Zn4SijIFK-Vb-EGxK9lD-VhTOlxTDDSV86NQ_BO3IzmtHSl7EulLjfhK1Me96nhLLW6yUgxdDJTe-VqOBrVQ90wseKlNR0dYjHY5kARE7kuLBlwe1bVvbGN9och_LTjl4kattFmJh-AMGaVdS6-odaKiw8HJN4yXTPxQm_t4HpYczAbllxurDzgLQh6tqUBN69cu5NAbldoOX76_6TD9cn2PfosLxMrSvUz-YFk07gffGngDjlsEkMq1TPaENc7ex_OwXtFTGnlrWiVu5EEfjp2SLntQ8MHYaib30ZEzypLzHH64iLOqJrx3B3MZOo3TF1rZcEUXa-1jcoyo1UtduWem1hMGA-ZLyh860BOaRmc-giIS8dlvpjmCyE5led8A2H5M_QKJTx5m3qKKaYblpFusN78brp6a8FxmoNIUZaXFE11o-GuqYU2MoPGh-ZRnDPpPATvi6DPqbJ1cX0hfhM_JP0TV0-u6MpYlxj0YrR_cOtg-Fzq-hWGD5uH4H9elg4oKw1hH_rlEuPBQn8ng1VOE2fQlJOF6UZYmMKFbDfmWvesc5jkWVGpJXvzI2GnxP3XRyJ02NtmkTnYnE2H0Q9ACV_wOztoPr4TiIC1CLI2c7aVbBdw-iBy99RGjyySU-KTGV9f4EwhrWPt5gApJtitnywpUzsIXsKdRdZ1Wzqa1U-URM2TDN_Cn7lt4MgYjeKm5iwYMf9L9F4b9BcEU3TMm9DzsGoLPY0r0ELM-7hADzK7MwaHt4suOUyvPg&sai=AMfl-YSk8FxK8bkSsYPUahvIJ--B6YCAGd7E36K96CsZ7bgkGDA0zTAWap_bJnXIfnajoSc9QtCtytSGUReBkwNzoyY-M3vEaotyu2edl8cHr_UWH20btT2c85qYR1QU_3cCiO-owzY6quUF6PQS0b6QrjWXkVTMaojQDHzcWfEl9EA0DXM8lHkVqw&sig=Cg0ArKJSzIeNxSSF9cPSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=805&cbvp=1&cstd=803&cisv=r20220822.50766&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 23 Aug 2022 21:58:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame 01AF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lEg5GQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5DD3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HWfcgw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2767 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rBLxRA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 526C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?U0XhzA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8m0&_p=6532&cid=450118224.1661291907&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661291907&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&dt=%E6%9C%83%E5%BF%83%E4%BA%AE%E4%BA%86%20%E5%A4%A9%E9%BE%8D%E5%85%AB%E9%83%A8%E5%85%A8%E6%9C%8D%E7%AC%AC%E4%B8%80%E5%A4%A9%E9%BE%8D%E6%8B%89%E9%A2%A8%E5%93%A5%E5%B1%AC%E6%80%A7%E6%9B%9D%E5%85%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3B2A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=946716645085743&bg=!lZalltLNAAYUOm8VNDo7ACkAdvg8Whfrzpg-ZlsBoqtb3a9R02M210Jh7L7PLnlSVRuBkoM4CE_3rgIAAAB7UgAAAAFoAQcKANhgNe_SEdt__jZPI2imaqRnTOtZUVbJO6klgsjepSRXZjonu08QehgEzWk_zFN3ZF6MA6YNQfwIAGmHCrZr1UsxSGh7iWT8Am5AtMwXXK9eclqXXHacpLRVAHBKjV_K0SDVBoghf6Bs-gtUgdRhIL2UgObaDqUvUPTM_aMyUwMSBrsWqKrnIrH6_BnJYe52cH0EUJ89K2birwrmJuujUCd5AwRyRIhkRsujf3GmSbYAEp6R5gywmjUj6pToboQDsVUIgCcumCJm-MX8H4fJDyArWJyXcyHk-VCZAsHMmGRG9DexN8DEqRIp5SS6V9TIPqRm-U0uKEyWWuxry8UMwnW0TJnH__0hozbkNAUjcbSeT8r3iGfdT84Qzo4MVRzhhR1qWNMlnPMSL3b4SGeU473kfDnpjkSTP2MoxoIyj4Muc7aImNprqGeyNy8OftxuvgO5UVTWSzGDpx6DbbvRJjk2-ccmZrVC0XCuTKqIlj6CWw9exHNakOSDkibCYMETKaB8IeIbPGIB_it_C8bYuyVo-bhCwXXmauQzOTnGJPsaqKH7ZOBSoCskdRqxXZqxkN5SGQ8bpBG4G63cad1RiOWvaXhg4AHHJEPPR2x_gxQP-HtwVbanvLRvdlsScKVHP7ozIP2ec-ZDA_B-cJDk1uu83VE-uijKULrFrQudhu8ZXmlJzSgRZt_GmFySbX3YdwktztifyZ89GgefwtgpaWpczQpu6WcfGsGRnpqGQ-dx5VCITlKC2M2ew0Fkz4FoJA2yFH9GCCm8dw1_nFXEIDf-dbvKziTNID-kuiQHquhPOSJcMnZfpn_RYnaM3noTb71X8A7Zwk4Edh_Fr478CTJi05e4oYMfypXjkUiIIDBfTchJu0A9kIRNZaglrsXOoOWJgMR4MxVH3ZDaAM-w4738szINua9nerOHtDplVNTFZ3vI3inkZtFvYjkjOiWSGUb4S1AObF8Nf5AG-24GZVzmqRVFt_XUCw4CPXvagzj8FfqaxjXhZgd8eJeczdQ9nmtRZhKn-PSF8ZxiEP3Eets50aScZpM1fjIrs4o-WJoeyGMTdovGrXqhocAZ7HSMFD5eHWwdlrup-LvM-_sm4jXORRsCw1yMO-PBGiRyZf_IYg3yBlRuWZrdfocVxs-oUtXYh2ys-e4HlyGTMdD5r5Spr1Qgvvx2CQKLleQjge_o05sC1UKckLumBYjMc6WA4tV0-calYEd0edWsEYM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 1CFA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
46288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 09:06:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E507 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B07BIgU0FY-XDO7KGssUPnZOh0AMAAAAAOAHgBAI&bg=!SEulSw_NAAYUOm8VNDo7ACkAdvg8WkN4eDhANsMmEM-TGZgHD__PS1PGxR09PAYmzO36WjKPNailyQIAAABdUgAAAAJoAQcKAD67rqV6kF-OFC2ES3Qba1ELyS4DypOkVY6xk1-dESg0vIV0zgznqkdzmCiZg7Hoyh1V6sIcYrMcA9FP3aUFjZkDD4AY7IWWTQP0nEuPEBshwl0OWnqFmnXkIFFm95Roe36AkTv07sO9cToiSXNwBwK1gxzkphTz3RPWQOE1klv-NcK5d8qLmsxPuSLYRhAMQpJ1qnXjqrzMfUndx1BOPdL039dPdJZIq04-Ql99Le02in5Dd7g5KOiXsUtldIpMt6HgFW9fwGe6TWgjcPj9ErXwAmp4drxrYmgpVyZY59VrqVMvzwpLhibAe22MDKNJBCgtGp4SUMSswul_19xmj0dxoPUUPLRfNqwwWDBkRY7yWy6VsqRay5PnGZjZRKHg43snlqsBXahneWqb-gYQ6czVTAdGNKHHarn5s1BJJE2QaIq0t92T9v2hXpe2_M7FgsHu-2uGWDVG5S8g3WGm3cbGo6mcr-IgI99Zsh976hz8_5ocbm6B_s0hVBqFEB7CLP3X7-dbhNMJ_dazhQg370JQo-21vFjBzGOvS6KMliBpw1PNuC9ZEwS64OdacNH0g9GaTrB-RYFUrrK7XawxzCqBdLJq4kB1RTWDFhUFOwGMnQKoPJS1UMIKzUYZXMGmn7orsQjJFZEOlfeB1eu6Ye_YvG1GMovorgOIgUGrCVgZ7RMZyTYqe1rm6WC_2gOtlNLqwMUhJAsFeHpQDnKSXIAaBV7LVi3q4PPTJkesGqwdi1sbUrUoAGGD_lQ1t9S56pTa_iRuofLfXnqclDOgb4pZXFYSjc1LSmzdf--7-oYcKl5zpi1VDSgU8e4yLUBOaFKE0Ix2r09CeRqPOxUvzp4bYjIlTra5Wkr3rzXEaRlextLsbRV5hdFHVuF7cPcp1lpSmqlsxYMYQZJZCbHJAkGYoBQ-hDhS0pcA4eo1aHLHJlXS83q1HEj9_avJl0osHDUWAmtCp1Q2XCLJ1jEkxdsxd5Ie4DVc9Eyb4PuIZHKEV8T0N0_gI24Iyn4Hxi6pQ8EDRvLkjhpEH9GcLLbtiw23jm9OU0nlkE5BLERE5kmO48U7D8F3z4K_f_ZfdiCUqGt9ibOa00yWEmwR-4XWOjRpl8QWS8VStg8yIngRP01xDQ
Requested by
Host: 9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
URL: https://9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 01DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=636912055933681&bg=!f3ylfDjNAAYUOm8VNDo7ACkAdvg8WvXfZNDb6NkfEFxFAX-OjD80mV6uiGFUPMj09PWZkzUzxDNLzgIAAAD6UgAAAAJoAQeZAtmtJ5s_Vyb2fdctkW7XgyFAoFI4QxRGPhwPKuLbqs23NX7Cps4E64e6iZhqR6UIBEGJ78UxAwA0SAZU1Pljl5PWLHN1bIj4rky99uW4cbwBdSC-kp0GimH2tL0cyCjCqwMFR1PNThpAio5k8ZrsDPIK2nC_YkYZHSOWgVhasBhsG9d-1_DymLzjxR9mqcoKT_2foh6bMxIiejBfguX8-D7C-MQfzbrurpBHwUnwwON_VluRFGM1BlRG0SYQxMPWswzzNR6DELTpGVG2Ewdn459sj4TuF2AEgGL8Ez5Z2-NQx52p1lCVu3PvAsMlor8bwTKkK4A6f-Z0CDC8TorHBayU0hsaoFOenBf6m0xspYxbTHuzISTL69uwXtDA4hFyanFRPkYhBAyQHcOlYb5QmISr8KaL9viLSfmjA1uXVrxCGAS7nDp87rvBcYKrISxzMRk0Ujd7WgJmSVG7MZSepYu-NtzvsOFZCYVrGG0E4w_fdNTjogekT6sViRYIfdZhJOwESIu2IneI4CbYoEGWdpnrQPmWmbkQVqJYaXEiC7kwmLujzvr-CQyAW1suIy2EC3f3Ml0pMuaulJ4pBOM2SfQ38lyxcI1GezvvQ3LslWUo9pkW0ac7lOQgi97LDCeHjvCcE2HWITVmyFTaVOTJuu4-D2-FDfEDvC1NOFENfaEia2ayDD_Vcbg5C45ksSwT6KxFqGOHMwyk0UeDuXpiii7D2OKTbsxYXBzKUSfTxI8irDvqM6oo-RPSDKlVCzYyRoWxtTYVgakrqaWZodgsjGYB18nupqzAbGQZiemg308-_0lGnihpCgVntTPxKVgaR41-AtFeDcRPcmNl6SAdcripSSbX6SL6zzQtQBxKGDf8ufWxFSUHaW6IyUnof9PkpXgV-J7NgdsU6HrzVnNwOhY9F1fVsxePT-lEGq34xqYPsr9plf3vASfkrIulvV6plMCpTqu8TMDJ78s
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CFA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B13oMgk0FY__jCY32owP--5FwAAAAADgB4AQC&bg=!gYKlgsbNAAYUOm8VNDo7ACkAdvg8WiUNKzyaOvGxK7asLXsxw8OCZ3ky6eRsUiX2Arb8MWhSVBoo8gIAAABDUgAAAAJoAQcKACn4ZJ8rxCxLhrWTvH5EKk_vBNWA6rLSxusC8kfgsZLzr1lZn1FzPRns0JkDGpU96NNpGdPxwIOh-Un7J2n8TkNxYDVqZCmUtJaXpfuSgX-msLTSL6QT33HRe8N49B1MPdNVAtHQbvlj_LNywrWXayCpFahY4e1iRu9Aj5pxfoukMvz5Ug4AdIe5ZH4yO6Ec7tTMDIbakuW-UUPNAVk0m_PwOw-KIJHoMbM6AYEKJvGn86oxF7sXZQ-YNzXNsNnyVxSiI4pafKSk8-bYnXnqW3PBuTTBQoJZB5_HAXqVG7rRkWWlFQpQXEr8Uwkm-rAIhI7eK1owRnEgObXih4AoGqqcxxkfQxTDGEIIn2E4jtsSADTiK5ar0g-t1xHAmE49f-99izai7ifwJRGR1V0GDXMmNm64Gdp7Qbac_AjJ6xNGZRdjaBEsb-mWVRTAzbZeZ1hJgJPIeyAfzSCPaQS11bQLDxhFF9_-abs1xHv7GFCiYZylLt-BXXf3_s_JpUJ8uTOPARObH3VETxBImjLdNhhDz9sOR361oQwUxhuTUPC7IhF84h1NVbp1T7rKMzJ22nREYq5j1toiA4Nt6P2GxF07VwJSqAQCnYQn97O478KXbWYsj6sqPrdjkeDMWH11Fa5OBC3Nkzqa3kLkadkq62J6elO-PSRUigg4zUTjXA351tL5McjPh3xKBtPr-Pe5pkgLbO4M9aMiVj2LPdVNd1Q_ptWm65Te6zqJ8N4ABWH4nwOKvqqvxjHG-Y-5hXoLDyrzt1TP09mTguHd9PU4YM6WWYfzmrWqo0FV6qpswK-F2l1-odCYZJYcuoxmYDXYEhERJG2ja4PjLXJzo7hh9FBrqGqwvoVTHZ4S_voaT-8pTn0BMFv4cUIuJ0uqH-LvUOr9lxqnIIWGPfNQNM1O4ATlFS_VPbvHqSZ4ag5lt1uQ3fLlzzkjrM4ACkRnxdIjZcQgZ4qZdAOHVz6EdblzukohN1zf5sWNQ4rcE4O2LbUVXuZn73sHdXWJwlFlH7xUaLhg7HOLtBddiAHg8QyrA3TUayNZnUZw_FJdV_IS0qODF7-g-a8vBOil3_R6ARFiyKOm7Mok9IqqglppbHr0ANMUczlsqiHd
Requested by
Host: 7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
URL: https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DDD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=3748902789826819&bg=!6eql6q7NAAYUOm8VNDo7ACkAdvg8WonwpIJT2pFLOsXzR9N8PBxqqdSwOR5b2qk97g_4p1YVae49rgIAAAFfUgAAAAJoAQcKAF9fKwAge5Mi7nQlf_EK63Kq0jmNysT0WBaXaDeCBrUliYpGG8bmawoFF1JVcMXl9b6HgrebcDJ-3JYLd9EEIgK-2C3KxRyw6xn5XGqPF6ysjkWyJxq251s5M0j9aKxEEZkCrPxLc79cG0-3BD8fW0pnOfyhzoddHRAOyvYabEqVDD8Hd9jFV6eT_XJhx_MiZNhSZ8HpBP3kH2_tbVNf30twURe-NYEXxlKVa0r-aFpS3RlXOXaGMyx2xsg1fG_ia0GcZdxXGVcNwS6-OpJ2-mvwjxuHDtsO_VTe4QJ9bpwTSSV3scY70j_087OxSPhA5uc-2n9U1XIN1F5Rc_IRCNxcY_pgJupKm2k6sqTF4fMlcvtD_Fuwj7Q0MwYRDC7HPEjpi0Ehv4s7J_1-VK3TXv5izKAKVuHnHKetkTNksDYQFM1DrkiZmBFo8IVSk5nAp3djCVeD1roiStT_EqkO3k2P0EzF1yprA0GkjayOohOtReoGTE5m1ijwV74bIFRQmGryMCyQu6Zij5iHifFY7zf9XyZeRjZ-coZ-JLl3F620P4ngnJ2WmW22alvMPSp2XCyk7Qvy8Fre6ES0ngbNnxZvtAopB0d_d3TzTxXeyzfvvlDMvSlGCGmlUuk91fnYFhmfoM1WXeMgbeZ1WJAbbJU9o-b2lZciZExmVUmKrBeIGIOToY1qJkRV-Y7gs-yumnOOUVxKryxBTPp5sgREOuFqRSeUAguTpgKFMF_BUhJILsG6-toi52Tlwm8kUn8B17vfnsVVKH9RQO_q1-jyLKyjE9EOj5do0EXkxfTZ-uPVXLNJ0YqTsoHuNXvkC6Axu1kNr2onYEsNvEQIfIAt7ggh6UrBJGry2VvnZklvKxz5tu_lgeNZLNEWy4LCs3Bd0zG6S7YZAMhnodBL72NfEtbd1Adci4aYjCbBUvmnHSX3B6vC9u3E3_uxFwKz4HY_4vpBCFXpxv-d6u7OQmR3VDcL9MI-EnbNS1HnWw4NAVqAUi8QxQMstIebY4uW6Jccu46JFw-BiiwPfmw_fIqR0w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1ADB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=1485909513997323&bg=!TU6lTgrNAAYUOm8VNDo7ACkAdvg8Wq_BVSOeDKFF4hV7vkpeQ67LiHraMEMs2tSrq80JG0EaWViRjgIAAAFDUgAAAAFoAQcKALaY6vZDSyKzlQvPebahrzDbKRhIWKkkzf1ycVFAvhSMjsnT0XhLvyVveD8U9JPVfqn1nAOC3vkxucgeEbo88b3hks0uEavVZL42npMDzlq0sOF9si9Jwyt0sBNExAVnGKqWSEqnEVP8WOU1uwc5g78xLflYaZZ8Of4m98fvmYaheDwRbEK2EGsPQYTF_dO9IywDhWfwIMMS9xdeQ6xvilM4boyz22oRm8Rf9qYJVcv0ITlYjXKv0pkCsR2Av0zkuaJ1vP5vxb0s0WMUkoHj2O4_E_EBaQHhdvaa9UA98eGFPK30DHD4x3c-5s3Ww_vNMYYCLS6n_9tLNv3GRDwCpoZMEgrRfR5Y5WoX1q2SIVTkOz1hrkp_Zwy7aoOautHCUDjFurx_z0PkJTGiuxzwrNhG644105Yj1KOcTsjjSW_aaXOXz5fzesiM3Q58PoazJmBJdfHs2fafxl4dtLhhslmrMlEJ0Wfs0S-NrZt5Gzq1jxjA_j715gjIl2YhJ-n3FBDIPWf6dPdhBJz6EZ5j02XFJyzRWEZqptroXg4WDcO2C5v_n07J3N843fb_o5iGQo7oZXSp9U5XK8LLZZ3FGIo6fpb12zQr18k9_w1WJPUjiML97JZLuouPQpPcmz7jeJDVHkyMD6XnY1hLardNKU50k75VqcPcs25PdP8FvHqrqJ0Rmkpwzq8e-h_-VsoCVKdAZrUnooJb-yXlsfcf23cJ0Q3AiaApHM3OaSppTpXJ0cXrK5Kp54sfeSGQNc4WRZffXWmnDgV7Sbf45i85ycNkzqnuRttPciSPJ-qspBfQpk6mQX9OOnAOiOnD1g3dU2hszxVWCjJvflkedr-Fa6WEVDQ-4UnnWol88LUAZZs3h71utA7RZpR26QGLy3B2vNPLohGUEEI5lcWISY04HXmOI19NH1yll83zIfh3OTwmFwU_ScZO0Cgd0rBOpEjPPSyT-QpU5pdt7y1lRh3rUL9KF-wgJJZpiAR0j3WfuBKq898ze7sLAjdk0E2utYGqXTzJAlT3fhfXxz7AhQtHVgZqII_YxrINdpNXEhAhh3YhkI-TRoR7Zzc4p4bcnvHLsTw3Xo6OFpZOw6XGyBLNDWBc0P24uFqAM3uxotRyo-_9T0Zm7-d9Dt2UZaOAC_EwHX3HiSVLNKkIfO7w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F6A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=4093100677068217&bg=!fX6lfjrNAAYUOm8VNDo7ACkAdvg8Wg_GpLJCStY3U1YO6vb9XaB01vjeStI7l9Q28uZP-MJQV-2_PQIAAAE4UgAAAAJoAQeZAtSB6_JA7TyWN0OhJwuuAa69LdhkTlPF_J73eYUPR36ROr38gecFdU7wwl8NyEAWkamacL5Snnak-v8iZYmXRj6mwj-c4GWBLcwj6IUuuEhJmXO4a5Z5SlggHMaS5mG7wz13jA8wtPEn4_35UXHTFYiahLX5jC-s2UxdH4_5uOKuTXVOaZITEZZsZxa2wufY9kHTeZ6hbEEQi1uRrKMeL4-ybS13S9LBsnFXd4AoZFmbqw4HvFBZ0lALmP3zIQMWlRbDQ9jebl4Vy2Iex2JMUKkazF9YUaYK_e69s9XoBkyc4kHGXBLxDHovzHFcUJqziv5yWPWLN6aTaGgudkd9BQ-uqTGHM_q1nA7Ybd6ZRFAQoB5gobSzqQ0fDCnQN0LceSZIlRogbHEXxq2q_GUMkTHBo8ApcaFtFTk5wSHVbIBmeuFs4p9z7jeKR2A9-s6hNKdSifbPQI05oIruubizyHH9bWd3qDOQBYrRE8LNu57P4Jr3rD0S30IiqWhEk-akwtP-MIUB6PH71BjQVYtp9nNOkrCLt_iGGNynMPHTr48_TQRNFtlOvXSwICSEuL3m0fsAb_BkdNVMlFvwmGDR-CAnp5Ja9kENz92LLZVuBPQKZ-vBIxlILLQS3kko_etXPWn34wouu-tNySHbFsBDqR8wHUv9qhwbLhVSPWF0sEl6YdTD4rc0O1Me0_N2m6SkEVJpnWAqGJ0H_5mymcBr-HlkLJPYbVUtBMaEa_trqsHU05mwP-TMJ9afE-qZW0ZNDglrX_BARWJXfecH80qSM7fvifkaJd_4D_jRK16tk39KIuk0zX8utnxM_wRgDQ_6dellocnm9qUhEe4QeT0kvm8HMkNkN9-Vr2UL5m7x2RGFgC2EJd-_KHdhbpBFd7DPx3aRHBcKoe9T1EortrllhaLmWA_p1Gc-iJsfv5Z_VBsyD-API292HTfm9OKgtYlTseQk2L6W
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0BE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=125025847797590&bg=!KyilKGzNAAYUOm8VNDo7ACkAdvg8Wu8aXLN-qjp5-T-d1v_YU8PyWR3CRzo7PZKXzwSsn__QjcQvygIAAAFnUgAAAAFoAQcKACLMGuczAkJaf71upZFEtolSDr_UuFH92MD1uEFExHPZLnI5mQK-i9yIidnOHD6vobGpciiS8FFbGXMByGSj2NT4huLDXtRDPrlSErpJy-kupDn2-hg4SLkf439OtvA7wGX8Bqivly05NyGZUTu3FAkIXcbjm9geM2v9usRQOj64Y8X9HD-yJvvrbmrvxsMSoZne78Y3lpQnpA5tWkp5efYaL23JAvcrFusul95wmm1EWO0opjoD-S3SZE3qBeKzChTA8WtVHIyV-smUjk4kyR6mUBqWMieCoTRh8aMADJpFJ2UxTK776qc9ZPsQfDFWEhQYaHpW7ybfL8ayC4-9UDyMhE16w-Usey4MaAezM3OtSBINI2kexjlI50Rn-Xz6ZG3n69rcx0qdpguQ8rkEzrpHy1ejCqpLJ5YJ5wunlGjL3SsVoaeor4QDnLA2d6BaVS8Xa4GreO_SFfHrd3mjKZlJmWSJTJDUqDc2BTwkAXozCdlmXv53eQSmXeDY6pvMgW6_GDtxQ_xHijbSQZG0ilmmNw8ld4k-Z4_j19zcZFKjDHDrPgj7dPGGJvI_rEG9wU8WGnXJLnL8qZglUZzEnugy7_5_o1HXejEB583WSydqlB0XUbagg1x3ECoCx9lABuYdDU9BNO6Q5qpXUIxPUMgf3XRBizZJFz-vCh16Yhcxzlgl-nH6WgAgUbLuAFgd0zpNpd9JoiyBAc8ZFkw7C4Hlw4ih3eHzrCQT_DFyBSzU4LEUVupmqB2ifRDAEX2meJKxSkhf0hAhWfEk6KaPjk2U4ZxP1XhCF7QM0zoXj1CTtytx963BhRNGrYh1TTJGfEKKLWZQ436oPlg4X2fca3o1Ys6XlJ_vKgdhJg0YgqTcXU-PoymOZMrQJG-Uka7m7ZkAkWoDcMqIDC8XvKQMz1jKUwWA2smSNog7cwqJMN0takTIbUZceV3mTnG5yUu_DAx1JeZGz4DpErkgp341HmnA-Ola
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E64E 		109 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 21:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Aug 2022 21:58:27 GMT
banner.js
s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/ Frame E64E 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
27d9d959137c9fbc70e89b1faf019d0657218e6918c4c58daadbdc8c62b5e4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452788
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10124
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 23:41:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 16:11:59 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E3C8 		0
0
banner.js
s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/ Frame E3C8 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
27d9d959137c9fbc70e89b1faf019d0657218e6918c4c58daadbdc8c62b5e4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5051118858945841050/BUPA0102-48_OVC-4WF_Prospecting_300x250/banner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452788
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10124
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 23:41:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 16:11:59 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 21:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
container.html
1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DE2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 21:58:28 GMT
expires
Wed, 23 Aug 2023 21:58:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B303 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRh8Yf--OZrsHN_mycK2GBE5ykcr5bNt39UKaP2Ib1E3GdukqURbMaj17ZIXuL-0i-_NKtenAjruzPVB1K3qzLoyd2KXA3OPitY9ZUMmZ6mmJZylUrgcbJGeerVS7ckT7VnvoDqnaE0g&sai=AMfl-YQ8WJR9CNBh4IUt-WIPQ_H8sivspjfAJ05unQw2-MuhgbPl_L5kZhpvaivsUU8y6JxaQT9za7Xi3WCD6g-nQ10TzR6McV1c8Ck&sig=Cg0ArKJSzAym0_ZmmLvKEAE&cid=CAASEuRoII0T1VRAY9rA_fKh0LenFA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=934391782&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661291905548&rpt=1390&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 21:58:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction
Domain
c.eu1.dyntrk.com
URL
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENU3vzepk5TL5OBo5XtZoEo&google_cver=1&google_push=AehlK4DZkjo62O9R8HJCnGDD2j-jBQYHy5rfT9DyPdmgUaNipD27slcMOTjSlLjrmleOdUX95OClHTNCYx1koelXc_Y1D-jhSW8WvkaBBqK_ZdJvb8maEq7qHQwvEZ_YUW3OHrtS4VNIaTA&prevuid=05030002_63054d83cc400&knw=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B1mif0IZE72JGHLnOabgljZDWfwyb1HmwHIYMVFJIDvX0l9X6GAwdZm8v-qRvJTieVlkxN4WszjF-Bcem5SBZv0YydRP_RV5buWW4--tAiYAR2nWvjKppEM7ubqm5h22faQjlzG7o&google_hm=9_MQRL3jSIWawiMxHQHmPA==
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG9FFo8aJ1ZoPcyyEh8O4Bg&google_cver=1&google_push=AehlK4A0ZDSOrY_EYoiSg6npNn0BWjWKPuoF1yrPREEXfmwpb_BL3pceJ5saBN6G9biZJpW5d365EZ-Aq1AtjyGy2ROkWAvN_Ld1DgIA6cKVtN4YID8XIoQLI3HqC3t0Z0sjXMeyfTVwLmQ&uid-set=1
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427852875356475&correlator=1985041180935038&eid=31064019&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D8256ec1e0a71121%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D831970027f95846%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Dc2c786473b7a9f2e-22e49aa7bed500a2%3AT%3D1661291903%3ART%3D1661291903%3AS%3DALNI_MZnIMZhKgQEq87ggMTx3mNO8ikWEA&gpic=UID%3D00000572e7bba7a8%3AT%3D1661291903%3ART%3D1661291903%3AS%3DALNI_MbHLKAqI944NuroFvfgrths_YOtjA&arp=1&abxe=1&dt=1661291907897&lmt=1661291907&dlt=1661291900286&idt=4356&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=450118224.1661291907&ga_sid=1661291908&ga_hid=6532&ga_fc=true&ga_cid=amp-0QPszocIMwd47-UbL9n9Zw
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter function| setImmediate function| clearImmediate object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator string| currentState object| listeningFors number| 3pla object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag

26 Cookies

Domain/Path Name / Value
.aralego.com/ Name: sspid
Value: 7009cb03-873c-315c-bc5c-8189900b9f02
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.bg3.co/ Name: _ga
Value: amp-0QPszocIMwd47-UbL9n9Zw
www.bg3.co/ Name: __AP_SESSION__
Value: f74b4f7d-d321-42b7-b473-d86d16213060
.bg3.co/ Name: __gads
Value: ID=c2c786473b7a9f2e-22e49aa7bed500a2:T=1661291903:RT=1661291903:S=ALNI_MZnIMZhKgQEq87ggMTx3mNO8ikWEA
.bg3.co/ Name: __gpi
Value: UID=00000572e7bba7a8:T=1661291903:RT=1661291903:S=ALNI_MbHLKAqI944NuroFvfgrths_YOtjA
.adpushup.com/ Name: ap_uid
Value: b5dcaf00-232e-11ed-91d2-000d3aa31169
.adpushup.com/ Name: ap_usid
Value: b5dcaf01-232e-11ed-91d2-000d3aa31169
.doubleclick.net/ Name: IDE
Value: AHWqTUn4IYkqxab5uXVHsCh6_No2fJNPEtn4A82wmQBXPqMNcHwCE7O2PLsb3mPTICw
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6
.openx.net/ Name: i
Value: 0ebf02e3-7c5b-4906-95e5-eb1669f9a0e6|1661291905
.quantserve.com/ Name: mc
Value: 63054d81-9a005-49582-fc9f6
.bg3.co/ Name: __qca
Value: P0-942368390-1661291905527
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwgZuVmAY4AUABSAEQgZuVmAYYAA..
.adnxs.com/ Name: uuid2
Value: 2161922605789088448
.rubiconproject.com/ Name: khaos
Value: L76QB2AL-3-CWDL
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIdq2OR8xz8YrUyebV3a1stjB2P7pkii5JVnVkuReyT6y5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.prebid.a-mo.net/ Name: __amc
Value: 1_1661291905_1661291905
.a-mo.net/ Name: amuid2
Value: e8c93595-d8a9-4152-8798-a46efb96a511
.prebid.a-mo.net/ Name: sd_amuid2
Value: e8c93595-d8a9-4152-8798-a46efb96a511
.teads.tv/ Name: tt_viewer
Value: 34373bdc-890b-479f-9cfb-562cbf20bd50
.casalemedia.com/ Name: CMID
Value: YwVNgsAPPFP6JIPwNgPsQgAA
.casalemedia.com/ Name: CMPS
Value: 914
.casalemedia.com/ Name: CMPRO
Value: 914

2 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhui-xin-liang-liao-tian-long-ba-bu-quan-fu-di-yi-tian-long-la-feng-ge-shu-xing-pu-guang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EvaHVpLXhpbi1saWFuZy1saWFvLXRpYW4tbG9uZy1iYS1idS1xdWFuLWZ1LWRpLXlpLXRpYW4tbG9uZy1sYS1mZW5nLWdlLXNodS14aW5nLXB1LWd1YW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12338e95ced18b26e2c1210b28d0b624.safeframe.googlesyndication.com
1de16669a104844fc3a45d744c72bb10.safeframe.googlesyndication.com
7358357089a442e3521b33ebf7c65782.safeframe.googlesyndication.com
9e4386436ecf9748ea49a21e8ae3fb55.safeframe.googlesyndication.com
a.teads.tv
adpushup-d.openx.net
ads.aralego.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
aplogger.adpushup.com
bidder.criteo.com
c.eu1.dyntrk.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cr-p1.ladsp.com
cs.chocolateplatform.com
d-9087918963970341420.ampproject.net
delivery.adrecover.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
fastlane.rubiconproject.com
fb8de054611129e4a4dff52e768ae783.safeframe.googlesyndication.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
px.ads.linkedin.com
rtb.adxpremium.services
rules.quantcount.com
s.ad.smaato.net
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.aralego.com
sync.dsp.reemo-ad.jp
sync.teads.tv
tlx.3lift.com
tpc.googlesyndication.com
us-u.openx.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
c.eu1.dyntrk.com
cm.g.doubleclick.net
hb-api.omnitagjs.com
rtb.adxpremium.services
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
sync-dsp.ad-m.asia
103.229.10.247
104.16.88.20
104.18.19.126
104.211.156.162
104.254.151.69
104.26.5.103
13.107.42.14
13.227.254.11
13.227.254.51
13.227.254.74
13.76.45.37
142.250.4.132
142.251.10.132
142.251.10.157
142.251.12.100
142.251.12.154
142.251.12.157
142.251.12.97
142.251.12.99
145.40.89.200
150.95.47.241
151.101.66.49
159.203.145.121
172.217.194.155
172.217.194.156
172.253.118.132
172.67.72.16
174.137.133.49
18.180.74.207
182.161.73.145
209.58.171.197
23.195.153.54
23.54.57.83
34.107.148.139
34.98.64.218
42.99.140.161
42.99.140.201
51.79.234.100
52.193.82.11
52.212.135.106
52.84.251.123
54.251.169.230
64.120.88.131
69.16.175.10
69.173.158.65
74.125.200.154
74.125.200.94
74.125.24.148
74.125.24.157
74.125.68.156
84.17.37.44
00384a0b28ad14f0084a3017711ea0ae568a5a8d3230b98d018cb51621d75d2d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
034ae9bd51eebf58083916aa1d7a4424ce16941c44a9ff636d5b9831a26f96fb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d563742f862fdb18ae9637a9c2d56ead8920198af988badfc3a6bfcc0cabc65
0fb178cf8143f7dacd8218aaec82129d1632cf45f377e9a5d6cd034938954530
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1504478b21235fc602dd8014ce2e951ad2e89b14753b2084e49ada7579a466f1
1793538c3e3d2d33f923e9a24b02fe8747ed13c56f872794c3dcbaf905bec7f3
1a800429e455c186e0959c77615dc91daaed0259c8f6f3c31c040ee7e1e3b425
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
26375312a1c16fcce75642319052bb66431502b9927e46871d8ffeb4cf17be91
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27d9d959137c9fbc70e89b1faf019d0657218e6918c4c58daadbdc8c62b5e4fa
316963dab1c1ff0d599e881cf322c38f90a3f85f8855bd49f82768ef29f8e3bb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
38bae57e31a12969249047c7b575b8863774b5bfa4489ae971a35dc4525c9b5f
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
4110d6a21b733510be07a590d0e1d30b05d24f2d9e05fce0b345a40d1d883aba
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
437e99bde68c21cc1308d8b043c4d35b7a9140b1f0fb355b8034058404127fbe
43b8bc0ed3b0ced932155c336b90fc698062479739e0b08b118c2fe8525b507a
48c5dfe528f2662ec5be8bc62e0e5452102a819079490def3429b93cec646486
493b57d6181750a2403d2ddb755fde74fa92642789e477d822e5d7831a8c2ae5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd3ab1a412b387025e18aa93b83ebc2566e9b3b2b4d2bb8ed1b18ab27f3f52e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53877e0361b3747340639d5edc8c040a59031e8207ace7e97258f8499771d857
54dbb845bf7cd1b44213e46ca06c970e0130d0189730d16130b642078680624e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56637496f4e035e19e1ddc0b3d64ca137551d37b71449f74e21f74c686fa4cbb
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59c8453f786546767f7e22aee7182eef9a21ce4ce208342a73bfd8a5aff4594a
5acae8751c431db8af1bc3f6ccb5c33001ca3f3ad9f46959f38982ccc9738c3a
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
5c7f34f34585e8d7c2fb0147c6ab93868bc5c21dfc5f26cf913b8f8802d78131
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
63e6145f79ab19cd5b2cdbec2cba1353019fe4618bf66bb6dcefbc3d4daf76b2
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67fc91defcd98bdc6901e111dbcbae4dd702f24acbc3325eff5c22413e0d97a4
68a8f24c102a1e9e46265b9bb19c11d0d0f5ddd9f8ec376fc3df5850496fbd03
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb31466abd327f67436b68da439bae3aa414bdc41872972fdd8f90dba365c87
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
717204465bb7446bd4670757deddd2cdec8a51abc4fbafb11609410ec0b8a8a3
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74154c7ad18c0064c7e850437c444e715bc45e0c95111dd1f5a03d8009c806ca
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
7b2356a3a2ceca5e55a5546513a74f39641cb04fb004195efa2110055f1c7a85
7b75304ef8f697efd18262a20789f4fefb456606cbdb4f11f0877b7ac6bebedb
7d4cb9017609e393b60d95eae88c62982b5302da28f6471f6703f40faa6cae08
7dcd7297a19b452663099c591bd2c08c03201ebffa03b89bddd9fdd7add57ada
7dd8aca7bc83e6d2a2ed783b37d991e2c9369bbc5b53b9521d18cbb898cf1a70
8059f21e6a41a86ddf012078ffcf2137b5f89ad148e11b41821e0b623eac5ce8
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8588b97ad68ede2e9e424a36ab3663fa0fc4db3773969246ffdc71d89a270534
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
87ebb3dd52cdd0a654252673e46fc01397058e76fe91a3c39959836013f00d34
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
90e32314952b80fa64a4d4b4de7de7d2b84cebc8a4b413745e139df027a6e265
9227a2b727a56bbb844d5a0ff597900247d31c99915ec4575e5def9d05b53a02
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
949630d7d3a516c7ad8d4f1d942bdddf968dda8daac0a35cfaa21f388f0c9b78
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
98b076f30999d12f9b01db9424289f82cc1a75d204ae0f9cbf2ad158a877bebb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adcc6b06d3a61d47f3337c316a71e829fe680a2a2bcfc0207618546836619d1
9b91a37ebcc7205e8252d128dd440c93a14ea1b2b70ebfa7cecf10e915b24550
9d2c9c9f82fb7c73c50fac260546953a83ede3bb46d6ce302d499796c19e0a3b
9ead2b798a1f5d5683fa20a93978fe3c6fdc7cc17a956b643db8725ae67dcfa5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
a69149e83c2f419fce7c2136671ab6bd0f83aa7c6d530ddf18700896a4a6bf27
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b
ab76240617c9616425cfa63ac19617fafeb572bb05b0dc1b407af5ef2f9bb7d0
b081f0ff758542a0a48e7f76603e6ca7766c20b4dad14c6c639bdaae90cc812c
b0b92c7b0111cb2fe2039fc9d1d134689db97000c44657a7f07109615e8cad17
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b187fb9bba3317c878aee6481fd1bbf7ded18fad1de4ba5701dbd0ec836957cb
b2e4c0b7f7d5400379b670c073c9e5a35d8107cf694621026c7dbbe0b1979156
b5c8d6f94cf1f3d3718bee90969823d4c0ab35fbb1b6647eea7a7c66f94f5d78
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
b8726e3d096bf8148b88d4e78a0bde9401d9f5f5641fd6a0cca5ca3afb818009
bb05ed6b91dc7c4e98f28f1131b2935ba95d107f7cc21b61d0aa4374af3f4d94
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c0d3be2c0ba0ad5e6292f73e7ffb98157797dd26caa38b58dae57b555ea208a2
c42b9b0380164500bca906db09069fa9f07cedfd8247f1d6e8d24e3a54fb235a
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9d63f7c4631e78472204768f7cc5b3bf468681c5141ea579a033e2766672fce
cab80267db2d596d7019de4c7e1b9e4f6180d512a11a1969a6eb9104d825c29c
cb32a52d4b7fc3d73d3c01e63a3837ccda52ced52a0ba1857ffd32a510d4b886
cc386d0f934fe3ef84771253f46188e11c3d38ea1aa69e1449a49a522fd8abe8
ce17b344a418ed8c76ce720ed996c2dcc1f96580c57ac2aa98835f65f1f3bd9d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d29ca6dff82beb0e2364fd0bdc413dcea38404fa3236cfe3a17ede7b5ad33529
d74039c2003fc47660dcf01d5da5c095506b6abf29c1365ac20a9ef80645caa9
d7ca275e68fd586ab3699b9d055a23dfb3cd1449733c0abd1d9ee5e991809295
ded1819d0c9702fe962c881ca7d889b57395b7056efe7df2cfbe07bbe3230c50
df441f11a28f6f8f85ee8b7e0b085da4464c0aba01306ed221ae0227a3679fcd
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e9684177ed1a5dd938c3f0f98993aa5100f268fe543839905ab84161411c12c7
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f29c5a55881603dca920d1624d247342db775ca6f1c9fbc3821cd5d511c6309e
f67d47baf39a87cc4da1eda8f3bd9b2f56f1553e40e7420f5f76574c18991b10
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f81e99e07b26d1920196c0025b0809d38a2e6227f9dd332b16968009ef9e5f2b
f8c0bd71477cfeb8866b0d59984b3efdda69ee8347ae3d0de1cb731cbe6d680a
fd55646df908cf289bfcd99e2f430b2600e15e16aed2fd0f02a1fab9f34b8241
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e