urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin...
Submission: On October 30 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 7 countries across 85 domains to perform 441 HTTP transactions. The main IP is 84.17.37.44, located in Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 96557.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
24 142.251.10.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
31 172.67.72.16 13335 (CLOUDFLAR...)
33 74.125.24.155 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
13 142.250.4.154 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
9 74.125.24.157 15169 (GOOGLE)
5 142.251.10.94 15169 (GOOGLE)
2 142.251.10.97 15169 (GOOGLE)
2 103.229.10.171 16509 (AMAZON-02)
2 74.125.200.113 15169 (GOOGLE)
1 11 142.251.12.157 15169 (GOOGLE)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 11 34.98.64.218 396982 (GOOGLE-CL...)
1 18.136.168.236 16509 (AMAZON-02)
1 35.213.117.18 15169 (GOOGLE)
1 5 139.99.49.250 16276 (OVH)
1 23.195.153.54 16625 (AKAMAI-AS)
3 18.177.60.42 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 44.233.47.176 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
5 54.228.225.243 16509 (AMAZON-02)
3 145.40.89.200 54825 (PACKET)
2 5 104.254.151.69 29990 (ASN-APPNEX)
2 104.18.19.126 13335 (CLOUDFLAR...)
2 74.125.68.155 15169 (GOOGLE)
4 142.251.12.155 15169 (GOOGLE)
1 13.225.103.27 16509 (AMAZON-02)
1 13.225.103.38 16509 (AMAZON-02)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
31 142.250.4.132 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
24 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
1 69.174.120.110 3257 (GTT-BACKB...)
5 182.161.73.142 55569 (CRITEO-AS...)
2 104.17.25.14 13335 (CLOUDFLAR...)
15 182.161.73.135 55569 (CRITEO-AS...)
4 74.125.24.95 15169 (GOOGLE)
1 142.251.12.149 15169 (GOOGLE)
2 11 142.251.12.105 15169 (GOOGLE)
1 7 23.36.252.26 16625 (AKAMAI-AS)
1 42.99.140.144 4637 (ASN-TELST...)
8 23.195.152.23 16625 (AKAMAI-AS)
3 20.212.157.225 8075 (MICROSOFT...)
1 1 202.232.238.37 2497 (IIJ Inter...)
7 23 142.251.10.155 15169 (GOOGLE)
2 4 54.251.183.128 16509 (AMAZON-02)
2 4 69.173.158.64 26667 (RUBICONPR...)
6 11 52.223.2.229 16509 (AMAZON-02)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
6 7 35.71.131.137 16509 (AMAZON-02)
4 4 52.220.190.140 16509 (AMAZON-02)
3 3 13.107.42.14 8068 (MICROSOFT...)
2 3 35.213.12.39 15169 (GOOGLE)
2 5 104.18.18.126 13335 (CLOUDFLAR...)
2 2 124.146.215.43 2514 (INFOSPHER...)
3 182.161.73.136 55569 (CRITEO-AS...)
4 23.9.185.218 ()
1 18.66.147.106 ()
1 151.101.129.108 54113 (FASTLY)
1 104.18.13.76 13335 (CLOUDFLAR...)
4 4 52.74.13.196 16509 (AMAZON-02)
2 2 50.116.239.135 ()
2 2 13.225.103.63 ()
1 2 104.18.101.194 ()
1 3 52.46.128.147 ()
1 13.107.21.200 8068 (MICROSOFT...)
2 2 184.31.5.52 ()
3 23.72.44.196 ()
1 1 103.229.206.241 ()
1 182.161.73.146 ()
1 54.86.208.230 ()
1 8 139.5.84.243 ()
1 1 34.111.151.213 ()
3 3 151.101.130.49 ()
1 2 54.185.220.99 ()
1 104.18.12.76 ()
1 52.193.151.12 ()
441 77
1    84.17.37.44 (Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
24    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com
3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
31    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
33    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
13    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
9    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com
www.googletagservices.com
5    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
d-7042014433843010914.ampproject.net
fonts.gstatic.com
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
2    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    74.125.200.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f113.1e100.net
www.google-analytics.com
11    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
1    104.16.86.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
11    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    18.136.168.236 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-168-236.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
5    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
3    18.177.60.42 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-60-42.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    44.233.47.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-47-176.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    54.228.225.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
partner.googleadservices.com
4    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com.au
1    13.225.103.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-27.hkg60.r.cloudfront.net
adx.holmesmind.com
1    13.225.103.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-38.hkg60.r.cloudfront.net
rules.quantcount.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
31    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
24    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    69.174.120.110 (Avondale, United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
5    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    104.17.25.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
15    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
4    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
1    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
11    142.251.12.105 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f105.1e100.net
www.google.com
7    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
cs.media.net
lg3.media.net
1    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
qsearch-a.akamaihd.net
8    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
23    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
cm.g.doubleclick.net
4    54.251.183.128 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-183-128.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
11    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    52.220.190.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-140.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
5    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
4    23.9.185.218 (None, )

ASN- ()
eus.rubiconproject.com
1    18.66.147.106 (None, )

ASN- ()
public.servenobid.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
4    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    50.116.239.135 (None, )

ASN- ()
ad.turn.com
2    13.225.103.63 (None, )

ASN- ()
cr-p3.ladsp.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
3    52.46.128.147 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    184.31.5.52 (None, )

ASN- ()
secure-assets.rubiconproject.com
3    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
1    103.229.206.241 (None, )

ASN- ()
sync.mathtag.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    54.86.208.230 (None, )

ASN- ()
cs.emxdgt.com
8    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
3    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    54.185.220.99 (None, )

ASN- ()
dpm.demdex.net
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
1    52.193.151.12 (None, )

ASN- ()
g2.gumgum.com
Apex Domain
Subdomains		 Transfer
66 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com
3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
757 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 213
527 KB
44 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
csm.as.criteo.net — Cisco Umbrella Rank: 16996
pix.as.criteo.net — Cisco Umbrella Rank: 16375
566 KB
32 bg3.co
www.bg3.co — Cisco Umbrella Rank: 96557
static.bg3.co
880 KB
20 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 383
434 KB
18 google.com
adservice.google.com — Cisco Umbrella Rank: 71
www.google.com — Cisco Umbrella Rank: 2
5 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1165
hblg.media.net — Cisco Umbrella Rank: 1562
contextual.media.net — Cisco Umbrella Rank: 553
warp.media.net — Cisco Umbrella Rank: 2208
cs.media.net — Cisco Umbrella Rank: 1368
lg3.media.net — Cisco Umbrella Rank: 4030
177 KB
16 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15244
e3.adpushup.com — Cisco Umbrella Rank: 16838
aplogger.adpushup.com — Cisco Umbrella Rank: 15648
bi.adpushup.com — Cisco Umbrella Rank: 19774
300 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 470
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com Failed
12 KB
14 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 946
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 338
eus.rubiconproject.com
secure-assets.rubiconproject.com
17 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 735
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22208
ads.as.criteo.com — Cisco Umbrella Rank: 16603
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17381
gum.criteo.com — Cisco Umbrella Rank: 408
dis.criteo.com
119 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 548
eb2.3lift.com — Cisco Umbrella Rank: 357
6 KB
11 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13989
u.openx.net — Cisco Umbrella Rank: 681
us-u.openx.net — Cisco Umbrella Rank: 414
jp-u.openx.net — Cisco Umbrella Rank: 6506
3 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 286
4 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
4 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 78732
1 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 595
secure.adnxs.com Failed
22 KB
6 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1540
public.servenobid.com
6 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28942
sync.aralego.com — Cisco Umbrella Rank: 3097
4 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 750
3 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
3 KB
4 gstatic.com
fonts.gstatic.com
98 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
188 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 897
x.bidswitch.net — Cisco Umbrella Rank: 291
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9194
46 KB
3 everesttech.net
sync-tm.everesttech.net
746 B
3 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com Failed
17 KB
3 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 373
1 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 932
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 adsymptotic.com
p.adsymptotic.com
478 B
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 turn.com
ad.turn.com
866 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 597
cdn.indexww.com
2 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1149
2 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2859
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 208
10 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 869
1006 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
502 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 919
pixel.quantserve.com — Cisco Umbrella Rank: 622
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 665
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16418
10 KB
1 gumgum.com
g2.gumgum.com
2 KB
1 brand-display.com
dmp.brand-display.com
349 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 mathtag.com
sync.mathtag.com
728 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
670 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 66711
716 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1522
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
46 KB
1 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 472
138 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 851
634 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 509723
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3906
517 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1402
520 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 387
2 KB
1 ampproject.net
d-7042014433843010914.ampproject.net
0 creativecdn.com Failed
creativecdn.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 adform.net Failed
cm.adform.net Failed
0 inmobi.com Failed
sync.inmobi.com Failed
441 85
Domain Requested by
31 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
pagead2.googlesyndication.com
31 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
www.googletagservices.com
tpc.googlesyndication.com
www.bg3.co
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
31 static.bg3.co www.bg3.co
24 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
23 cm.g.doubleclick.net 7 redirects 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
u.openx.net
eb2.3lift.com
g2.gumgum.com
20 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
15 pix.as.criteo.net ads.as.criteo.com
13 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
11 eb2.3lift.com 6 redirects cdn.adpushup.com
eb2.3lift.com
11 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
9 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
8 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
7 match.adsrvr.org 6 redirects cdn.adpushup.com
g2.gumgum.com
7 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 e3.adpushup.com www.bg3.co
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
g2.gumgum.com
5 csm.as.criteo.net ads.as.criteo.com
5 ib.adnxs.com 2 redirects cdn.adpushup.com
acdn.adnxs.com
5 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
5 onetag-sys.com 1 redirects cdn.adpushup.com
www.bg3.co
public.servenobid.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 us-u.openx.net 1 redirects u.openx.net
g2.gumgum.com
4 ups.analytics.yahoo.com 4 redirects
4 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
4 pm.w55c.net 4 redirects
4 pixel.rubiconproject.com 2 redirects www.bg3.co
4 pr-bh.ybp.yahoo.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
g2.gumgum.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com cdnjs.cloudflare.com
securepubads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync-tm.everesttech.net 3 redirects g2.gumgum.com
3 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
3 s.amazon-adsystem.com 1 redirects eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 x.bidswitch.net 2 redirects eb2.3lift.com
contextual.media.net
g2.gumgum.com
3 px.ads.linkedin.com 3 redirects www.bg3.co
3 bi.adpushup.com www.bg3.co
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com www.bg3.co
googleads.g.doubleclick.net
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
3 prebid.a-mo.net cdn.adpushup.com
www.bg3.co
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 secure-assets.rubiconproject.com 2 redirects g2.gumgum.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 ad.turn.com 2 redirects
2 tg.socdm.com 2 redirects g2.gumgum.com
2 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
2 sync-dsp.ad-m.asia 2 redirects
2 cs.media.net 1 redirects contextual.media.net
2 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
2 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdnjs.cloudflare.com ads.as.criteo.com
2 aplogger.adpushup.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 cs.emxdgt.com contextual.media.net
g2.gumgum.com
1 dis.criteo.com contextual.media.net
1 sync.mathtag.com 1 redirects g2.gumgum.com
1 c.bing.com eb2.3lift.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 sync.fout.jp 1 redirects
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 s0.2mdn.net static.criteo.net
1 tps.doubleverify.com ads.as.criteo.com
1 pixel.quantserve.com www.bg3.co
1 3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-7042014433843010914.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 creativecdn.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
0 sync.1rx.io Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 image6.pubmatic.com Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 um.simpli.fi Failed ssum-sec.casalemedia.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 ssp.disqus.com Failed public.servenobid.com
0 ssum.casalemedia.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 ap.lijit.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 x.yieldlift.com Failed public.servenobid.com
0 ssbsync.smartadserver.com Failed public.servenobid.com
g2.gumgum.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 rtb.mfadsrvr.com Failed contextual.media.net
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 stags.bluekai.com Failed eb2.3lift.com
contextual.media.net
0 pixel.tapad.com Failed www.bg3.co
0 cm.adform.net Failed www.bg3.co
0 sync.inmobi.com Failed 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
441 131

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh

This page contains 65 frames:

Primary Page: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Frame ID: 8865A6B825B9D8E782729FA4DB959980
Requests: 115 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4E4E9FE1EAF9CA54E6732B79946A82FC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: ED339E74CD452C05738931AEBF55C74F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7278C2F75AD8F8521AB987C959255F90
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F020BB59239C0C2734864BE3488DE237
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: BC4732C5F77974D6EAA1523DF439FDEC
Requests: 7 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: FDCC085B7A66BDA50CE760447898A9EB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Frame ID: 1DEC12C0E2DFA1E3541CD22150D50C54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CzQn8ED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSLAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogovIuKAkxbXjzgk_KdgdrYH0XxTsR1SXzPj0j9b0Vc847K-o2bdl4AGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=Zc6MvjQu-qY&uach_m=[UACH]&cid=CAQSGwDq26N9JAP6BUtUmAk1RUfP0WmNeTLHqf68aRgBIBM
Frame ID: 5C3DFA74E0163FEAFE7650A7A3152334
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: D40153B2541473CAFF2A16F5C3F51522
Requests: 11 HTTP requests in this frame

Frame: https://233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 22E6D95C93A676413291D2DAA78CF421
Requests: 1 HTTP requests in this frame

Frame: https://3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EF66749F932D4C1E26514B10CDD1C9B0
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Frame ID: 29DEC53C66A1F84A4BEEF8292BE9E2A8
Requests: 18 HTTP requests in this frame

Frame: https://static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/index.html
Frame ID: 38B791247B93D14B8169046B261DD6CD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Frame ID: C9C01B43D88CEA59C2DD7E5051AAE851
Requests: 1 HTTP requests in this frame

Frame: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6269226A0D542290468D7C53D09643C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B2AF20C2AD5FF7369E400C18222CC1F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54F8F896853250E123693F298F0B97C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE29959B90213624C80C89A6DAFD198F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 101CBA154096F5973BE0E95AF6857FBC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C_5ylEj9eY62XGs2c1AbsnJ_wAazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBK4BT9D_oqDqgHqYXUiVYTr31tiuUSakNjUn_4eHEHl-eu1zAxjvgIkku_KWQOIvJYwuqY8OWtImWy-i8YVKPOrYi3auo_8NoUzJDvXsrkLwrh4E0WJjVbPxivMk1fw8qgx2QH9CPShZTLyToV52tC67tjUp3rm_Lsf1xjXhXGNTyBLe3JllvF4Ms11ppvkGGLly8_vR5lmA82dswRVVaVacJIJuOmCPJGFVSANjilVPgAbDxd-byq3NmOkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=edoLrXraGlE&uach_m=[UACH]&cid=CAQSKQDq26N90xpYB98i6Ht3dujoTre3fvmQqHIcpHGH1SLUx4uOzakRqKa0GAEgEw
Frame ID: A362546291DDB664002248FA3280A0A9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 08C26F235B2F2D6508767D66E119F534
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 71CAE5FD6EB6A10B116B055CC1022F7C
Requests: 17 HTTP requests in this frame

Frame: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 885726B27843E625DAAC986C73099846
Requests: 11 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: A7FB534436196A7D76AC62EE33D607F0
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7DE666ADF607027AD97DEE9CA9D470FB
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 525FD3B44A4F9FA6382252F7FB610603
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6138581E6086E21397787C0DB47F26B7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7E42B8D4614E4A0A762C84877DB8EB3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4C3DC8B52F6842B1E10A4E0A09A5593
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9B7BD227B36DA8B8DF767072682E6A2E
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7DA37092F15DB99BD66DEEBBF2F4B1B9
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6C818B74EC27984333EF016F3771D900
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1667120912566
Frame ID: 32308C270AB2640B18D4C9D89AD2E01A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FE40595DA9C10A8C59FD869402CB3817
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3713239BE4EEA8A71CE59B4400DB410C
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D72390AF48D0E4F1D6D71B805304EBDD
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 118478A40865F63A5F97FBDBD8921C37
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A2B5ED21B502FAB2F0B610D564504928
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 049B42634D872FB2F682381B7E76A90F
Requests: 2 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Drkt%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%7Buserid%7D
Frame ID: 4CB46165CB0B165FB35980F28E649849
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dpba%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3DPM_UID
Frame ID: 172A5748DF13BA645A902990760E7F3A
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8349DDF00E8CC2603BB1F4BDB634871A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4462F77292A97817C2228125017B6D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 430C57871C47EFB4DD0D9371843C3BEA
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 9820637C4378C28F6F65654902AD7A93
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 54D77FBB5BA880F23DBC4D5548BF434E
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: EAAE87457EC781289D066FE94C4B72C4
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: E252A00FC700762AEEB00CE474D854A6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 7BC41D88FBF59417BCFBDCA49C845269
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 44628FB88D9813F69AA7D8B3BDF92D1D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 31CFD4760BFA9C1F8D155D96117A9E40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8967F282A45651BF8D0CEDD221D672A9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDB878E89B2E632E30EC1BB7B62A6726
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 01CBD21ED3CD0C3E9BE9C4801A2D625F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 4BDCBF649193998E62A518D3844BFBBC
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Frame ID: F9D03666F146C9AD7C60796EAC2E926E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: BA40156BEC80D1C860904988CDEA2615
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9jNDUxYTdhMi04MGNlLTRiYWUtYTQ3NC1kNTJhZDFhZDFhMzc=&gdpr=0&gdpr_consent=
Frame ID: 6E14D8229085C7A0C3C0FA9707E00408
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 115CB4EF7E50593BBF83391989E9FFEC
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 5DD6B82EAA9C79A9CF6B2A68321CFE68
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 9A48E2725967192587862BED58E073A8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 3E74DF71521FBCBBCE7F0AA26A44874E
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: B02A3753CB146002222B90FA37D7AEB6
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: E2F71097D3C50BDB3BDDA95D0258BFD3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HOT・Stuff/歐陽姊妹花同框!妮妮比娜娜時髦 搶到SAINT LAURENT最新包 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

441
Requests

75 %
HTTPS

0 %
IPv6

85
Domains

131
Subdomains

77
IPs

7
Countries

4409 kB
Transfer

10353 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 106
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911554&bpp=21&bdt=1644&idt=537&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=2&ga_vid=192308172.1667120912&ga_sid=1667120912&ga_hid=595388031&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10761&biw=1600&bih=1200&isw=336&ish=280&ifk=2015352152&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44774648%2C42531705%2C44774652%2C44772269%2C44775017&oid=2&pvsid=2839313750244914&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.15wvk90s5il&btvi=1&fsb=1&dtd=555 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 233
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 241
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 248
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEAx4srbSGhNM7sV3W_u8DW4&google_cver=1&google_push=AZmPxg891P95oKSgZlY5ChMxipZoXftSjyTmKAvqRXR8uBvdubVHDrwI-3UHGU6CgDD33cthDxTvpOkGxM03B5hoDpOX8LH-Btckq5qQf4m_JyvxXqg9fcWwLk9A-mMuHHoCYTpJ9tMpaL7sqDUTd03oLnY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg891P95oKSgZlY5ChMxipZoXftSjyTmKAvqRXR8uBvdubVHDrwI-3UHGU6CgDD33cthDxTvpOkGxM03B5hoDpOX8LH-Btckq5qQf4m_JyvxXqg9fcWwLk9A-mMuHHoCYTpJ9tMpaL7sqDUTd03oLnY&google_hm=NUtHeHJKWnNGMTNSTV9UNUxPMzF6NlZCWjg4&from_google=pc1
Request Chain 249
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKOn5Jx43gwAy91l9vnnSqY&google_cver=1&google_push=AZmPxg-lp9tqy6p20GynvSYvSe3VZwsPv1OxGGbaLO81fFAuEEumhjsK5sSKvM0KK2Vny01D2gfofH5dUT6DI5i8Ipln1ty-NXgb9E-diWaVL719yNImfSmrvaicM36I6oFQDnfrhGN0xOWu2Q43sFaH0cE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-lp9tqy6p20GynvSYvSe3VZwsPv1OxGGbaLO81fFAuEEumhjsK5sSKvM0KK2Vny01D2gfofH5dUT6DI5i8Ipln1ty-NXgb9E-diWaVL719yNImfSmrvaicM36I6oFQDnfrhGN0xOWu2Q43sFaH0cE&google_hm=NjIwNjI0NTU5OTE5MDc3Mzk3Mg%3D%3D
Request Chain 250
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKb4X6MIWb9CjsmA9ZUkx_E&google_cver=1&google_push=AZmPxg_pML_-6muwl16fXg4kuE8T6MDftHUPxEtPxlIhnaRh--j-iV1ROmLMshUfHd6YmgcX5s4zASwRDa_KiuywmXBNwtSVWaVKDfGneW3LtL_Eh3hvovG4_SLbeYTbbzpbRRv0qWr7u5a3cu5tqlKyB-E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==&google_push=AZmPxg_pML_-6muwl16fXg4kuE8T6MDftHUPxEtPxlIhnaRh--j-iV1ROmLMshUfHd6YmgcX5s4zASwRDa_KiuywmXBNwtSVWaVKDfGneW3LtL_Eh3hvovG4_SLbeYTbbzpbRRv0qWr7u5a3cu5tqlKyB-E
Request Chain 251
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMaK0IHdYsvvZLrE7AjYtkU&google_cver=1&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxKkBo0Slmr6VY3M0S7-1Q9M8UUU1LQY3odquqFLGIiXj_Is7b5J4DRUvoPs HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxKkBo0Slmr6VY3M0S7-1Q9M8UUU1LQY3odquqFLGIiXj_Is7b5J4DRUvoPs&google_gid=CAESEMaK0IHdYsvvZLrE7AjYtkU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1ODY3NDAzMjY4Njc3NDk3ODM0Nw%3D%3D&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxKkBo0Slmr6VY3M0S7-1Q9M8UUU1LQY3odquqFLGIiXj_Is7b5J4DRUvoPs
Request Chain 252
  • https://cs.media.net/cksync?type=g&google_gid=CAESENt_Cu3i9_CWP5OUbvNVZBc&google_cver=1&google_push=AZmPxg-kvbScvBWkwdgVPe-eQAhZaNk_Eilcbz3Iy61LCZve5XYbFiBHBbkMgiY6Lo76f0FKp1WgiMNg1cCGZScLzJtuwR6GztggBzNvTwMe0j4pDp4q04cM3uVMMwTbSM0WU4DgyGNzDwgPbln-dCrN-VE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&mn_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-kvbScvBWkwdgVPe-eQAhZaNk_Eilcbz3Iy61LCZve5XYbFiBHBbkMgiY6Lo76f0FKp1WgiMNg1cCGZScLzJtuwR6GztggBzNvTwMe0j4pDp4q04cM3uVMMwTbSM0WU4DgyGNzDwgPbln-dCrN-VE&gdpr=&gdpr_consent=
Request Chain 253
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEE429EU6ew6ccTNHeqx0tsk&google_cver=1&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20GUtYVsJdf4QHbiD4lhmpgENNcJ7AsDL1vl7ZAv9ik4nAMwlm4HT9JcMcTsRa7JqxY33UnUNswiICYekzh3sFJFWuqhlRN HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEE429EU6ew6ccTNHeqx0tsk&google_cver=1&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20GUtYVsJdf4QHbiD4lhmpgENNcJ7AsDL1vl7ZAv9ik4nAMwlm4HT9JcMcTsRa7JqxY33UnUNswiICYekzh3sFJFWuqhlRN&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20GUtYVsJdf4QHbiD4lhmpgENNcJ7AsDL1vl7ZAv9ik4nAMwlm4HT9JcMcTsRa7JqxY33UnUNswiICYekzh3sFJFWuqhlRN&google_hm=MmhlSUZyT3hjR08=&suid-set=1
Request Chain 284
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd
Request Chain 285
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cver=1&google_push=AZmPxg8RhWewXcPbylP59x3Uqp0MC1nkxKQE4rElb16fk83stdYFLV1FeSWI6NdK5iOy8IuaujyYPlqfWqbVMPbUiUvTdka10CoPiBgew6iCPgZKt-UgWmhSNfYKjUeVoKWaTS7L9Hc975e4 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cver=1&google_push=AZmPxg8RhWewXcPbylP59x3Uqp0MC1nkxKQE4rElb16fk83stdYFLV1FeSWI6NdK5iOy8IuaujyYPlqfWqbVMPbUiUvTdka10CoPiBgew6iCPgZKt-UgWmhSNfYKjUeVoKWaTS7L9Hc975e4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QlRmOXhwYXoxT1A0ajM1&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cver=1&google_push=AZmPxg8RhWewXcPbylP59x3Uqp0MC1nkxKQE4rElb16fk83stdYFLV1FeSWI6NdK5iOy8IuaujyYPlqfWqbVMPbUiUvTdka10CoPiBgew6iCPgZKt-UgWmhSNfYKjUeVoKWaTS7L9Hc975e4
Request Chain 286
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELj-h6Rjn8kPStXeT3SS4_Y&google_cver=1&google_push=AZmPxg8JUKuU6OKEpjGtwIKr8OK6Hp8ETBpcunffBzfY5qyY4kpsUBvLa-HsjyfJ2Zj-hnVPj8kItBa-sHZHuhpEb-ipQlDrGCzTYGOhfE4RoswEp746pzfXvaRYrcC3RXMYyg4VB4y1tPQ6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8JUKuU6OKEpjGtwIKr8OK6Hp8ETBpcunffBzfY5qyY4kpsUBvLa-HsjyfJ2Zj-hnVPj8kItBa-sHZHuhpEb-ipQlDrGCzTYGOhfE4RoswEp746pzfXvaRYrcC3RXMYyg4VB4y1tPQ6
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHTa3l83jo42ikMVoNN4tjA&google_cver=1&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-wpJh7a3iH54oaPdch4eZ3tUoDS00DkpfM56eXPG9MdkxxqsZhOJg7cw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHTa3l83jo42ikMVoNN4tjA&google_cver=1&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-wpJh7a3iH54oaPdch4eZ3tUoDS00DkpfM56eXPG9MdkxxqsZhOJg7cw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-wpJh7a3iH54oaPdch4eZ3tUoDS00DkpfM56eXPG9MdkxxqsZhOJg7cw&google_hm=CCR5xDQdTkelYbq36zfnIg==
Request Chain 288
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_cver=1&google_push=AZmPxg9cb5-aeT8C7p-vpIwMiS9O4AUuyA2VNjqnVqfJcTzwcvyXSpPRd1U6AmU3Hv6aLZF3lkcSlFFf6xVjOFPBMAYM285Nab5xNfzDX_g96MFBfsnQYXOUJniLx8iWCLKaWBS7Y2QtZe_J HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_push=AZmPxg9cb5-aeT8C7p-vpIwMiS9O4AUuyA2VNjqnVqfJcTzwcvyXSpPRd1U6AmU3Hv6aLZF3lkcSlFFf6xVjOFPBMAYM285Nab5xNfzDX_g96MFBfsnQYXOUJniLx8iWCLKaWBS7Y2QtZe_J&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_hm=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&google_nid=index&google_push=AZmPxg9cb5-aeT8C7p-vpIwMiS9O4AUuyA2VNjqnVqfJcTzwcvyXSpPRd1U6AmU3Hv6aLZF3lkcSlFFf6xVjOFPBMAYM285Nab5xNfzDX_g96MFBfsnQYXOUJniLx8iWCLKaWBS7Y2QtZe_J
Request Chain 289
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMaK0IHdYsvvZLrE7AjYtkU&google_cver=1&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8gWyCM2sJhLvscy0IJnNK44xFMqFS3NhEFVlpxMJ3crS6V1 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8gWyCM2sJhLvscy0IJnNK44xFMqFS3NhEFVlpxMJ3crS6V1&google_gid=CAESEMaK0IHdYsvvZLrE7AjYtkU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8gWyCM2sJhLvscy0IJnNK44xFMqFS3NhEFVlpxMJ3crS6V1
Request Chain 290
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPgoRx96Doz1wyGEtPLoxT8&google_cver=1&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMFByCDQ65HeR8b39pZMkClaRlB5kX6JmLNntCrPSw9omP_puKNt-xazChOHP-IIAx_yRxYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMFByCDQ65HeR8b39pZMkClaRlB5kX6JmLNntCrPSw9omP_puKNt-xazChOHP-IIAx_yRxYQ&google_hm=WTE0LUZjQ284WDBBQUZ6RTBMd0FBQUFB
Request Chain 291
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHJdydhJJ35gaVOqKM9XmbA&google_cver=1&google_push=AZmPxg8zSeZEsxJeNZ6X4u52pnCbhKrnwfWslR5HCpAXcM3DyeATEYpT7awaep2Q9GU7-rKPI2GNJC2_YNDN-KDn30IZEoMyFFncrP9WPsTN6mRGErgQUCOQNd9ECpby4rHgse3PW-E0gRXT-WM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8zSeZEsxJeNZ6X4u52pnCbhKrnwfWslR5HCpAXcM3DyeATEYpT7awaep2Q9GU7-rKPI2GNJC2_YNDN-KDn30IZEoMyFFncrP9WPsTN6mRGErgQUCOQNd9ECpby4rHgse3PW-E0gRXT-WM HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 318
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4680%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1mYmNkYjQ1OS1hOTQ5LTQ0ZmItOTRhMy0yZDQ3N2E1Y2UzNzM%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/4680?gdpr=0&gdpr_consent=&us_privacy=1---&A=fbcdb459-a949-44fb-94a3-2d477a5ce373&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1mYmNkYjQ1OS1hOTQ5LTQ0ZmItOTRhMy0yZDQ3N2E1Y2UzNzM%3D&uid=800007378547266485 HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4680%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1mYmNkYjQ1OS1hOTQ5LTQ0ZmItOTRhMy0yZDQ3N2E1Y2UzNzM%253D%26uid%3D%24UID
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1---
Request Chain 320
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=fbcdb459-a949-44fb-94a3-2d477a5ce373 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A&gdpr=0&gdpr_consent=
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fbcdb459-a949-44fb-94a3-2d477a5ce373&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=fbcdb459-a949-44fb-94a3-2d477a5ce373&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6c54b03f-41f0-4dab-b918-c8e102069481&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545650020718409&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Request Chain 326
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4584328454131231750&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 327
  • https://match.adsrvr.org/track/cmf/openx?oxid=f68935d5-a0ad-7d99-cce6-208c8a3669a7&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&ttd_puid=f68935d5-a0ad-7d99-cce6-208c8a3669a7&gdpr=0&gdpr_consent=
Request Chain 328
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y14-FcCo8XYAAEfS1n8AAAAA
Request Chain 329
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afj10kxIOHXDks8ADv76OIxij88AAAGEKCZwlw
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SWpJpFBm-X4xtR1mxloc&google_cver=1
Request Chain 332
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&dongle=0cfd
Request Chain 333
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAYd6X1lHNBGhjlOlDgBK9M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 335
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D
Request Chain 336
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1163409232312574522638&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1163409232312574522638&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a46fab57-45ea-4394-b569-f5269175b283&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a46fab57-45ea-4394-b569-f5269175b283&_noobservation=1&_expected_cookie=117ae4bcfd545b17375a0fbd756f379c
Request Chain 338
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1163409232312574522638?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-2N5jveJE2oQzSV.nd4JdlB9hb7xgyzHxxMhWBMt2wA--~A&dongle=0883
Request Chain 339
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1163409232312574522638 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1163409232312574522638&dcc=t
Request Chain 341
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=3mbpXOguamg9hJgwocjj&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GNWWE4CYJ5TXKYLNM44WQSTHO5XWG2TK&gdpr=0
Request Chain 345
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 348
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dapx%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=apx&refUrl=&vid=71209177463101225166826757000V10&ovsid=800007378547266485
Request Chain 349
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dopx%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3101225166826757000V10&type=opx&refUrl=&vid=71209177463101225166826757000V10&ovsid=3ea55c4a-0bad-4779-afa9-5ee238d9fb7b
Request Chain 350
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dmma%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=mma&refUrl=&vid=71209177463101225166826757000V10&ovsid=2a5f635e-3f16-4700-93b7-beb0c323963c
Request Chain 351
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%5BRX_UUID%5D&cb=1667120918252 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4392965428 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cc04825d-dc54-49c1-9d91-dc6dbe5beadd HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3DRX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
Request Chain 352
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Ddxu%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=dxu&refUrl=&vid=71209177463101225166826757000V10&ovsid=BTf9xpaz1OP4j35
Request Chain 354
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D91e5393f-ee1f-4eb2-89a4-219cdb69918a&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2a5f635e-3f16-4700-93b7-beb0c323963c&expires=30&ssp=medianet&bsw_param=91e5393f-ee1f-4eb2-89a4-219cdb69918a&gdpr=0&gdpr_consent=
Request Chain 355
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dzem%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Ntmld4qQYtS2ren0PoQv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKOORWWYZBUOFIVS5CTGJZGK3RQKBXVC5RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TCMRQHEYTONZUGYZTCMBRGIZDKMJWGY4DENRXGU3TAMBQKYYTAJTWONUWIPJTGEYDCMRSGUYTMNRYGI3DONJXGAYDAVRRGA
Request Chain 356
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3101225166826757000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3101225166826757000V10
Request Chain 361
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&dcc=t
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_cver=1
Request Chain 363
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&expiration=1669712918&gdpr=0&gdpr_consent=
Request Chain 364
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y14-FUB6IBXdEDD.kK5MCwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMKXezdCh9XyI_qCszaiBU&google_cver=1&google_hm=2
Request Chain 365
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=41492c74-6660-002a-c977d79b
Request Chain 366
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y14-FgAAAJltZAAW HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW&_test=Y14-FgAAAJltZAAW
Request Chain 367
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BTf9xpaz1OP4j35
Request Chain 368
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y14-FUB6IBXdEDD.kK5MCwAA%264787?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y14-FUB6IBXdEDD.kK5MCwAA%264787
Request Chain 374
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&gdpr=0&gdpr_consent=&expires=30
Request Chain 375
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SynMzzO5JSxpGDgmr1YM_Mn5EUdSAgOZEtemQ7w0kco?csrc=
Request Chain 376
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==
Request Chain 378
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 379
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBkZDRhMGQ4N2QxMDMyNGMyZjU0YzhhMDZjZDgzNzExYzdjNWY0Mg
Request Chain 380
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9V4QX51-28-7O3U
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOXCToGVfJjcRczbHGKNPRg&google_cver=1
Request Chain 387
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 389
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1YN-
Request Chain 390
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=800007378547266485
Request Chain 391
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 392
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Request Chain 394
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1789973788 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cc04825d-dc54-49c1-9d91-dc6dbe5beadd HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
Request Chain 397
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Request Chain 398
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
Request Chain 400
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
Request Chain 408
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4584328454131231750
Request Chain 409
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
Request Chain 412
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW

441 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
www.bg3.co/a/ 		56 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 , Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
910457e169a1a6b06040465dbd7bf591a14560245bf96368d13a1b2665cef4fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Oct 2022 09:08:28 GMT
ETag
"e030-ZbJwvudxzJoysAftcBYH6y+/yIs"
Expires
Sun, 30 Oct 2022 10:08:28 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 30 Oct 2022 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72656
x-xss-protection
0
server
sffe
etag
"bbbc87a61b096581"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 30 Oct 2022 09:08:29 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 30 Oct 2022 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
sffe
etag
"0306c954ffbc2f1e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 30 Oct 2022 09:08:29 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
02dcde77543120bc35b625b94c080f9be268af328c81fef34454a181caa8322d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 30 Oct 2022 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"6775092f92c2a700"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 30 Oct 2022 09:08:29 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
f2164a3211cc8cb0f494c8925129fdc89f1acdc7fd35419de169c3415801c499
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 30 Oct 2022 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31972
x-xss-protection
0
server
sffe
etag
"750ba38df7e54722"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 30 Oct 2022 09:08:29 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:15:18 GMT
server
cloudflare
etag
"6359f7c6-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiRR%2FRSArbZ6LYttr%2Fp4HhYWevozqEmSAj8CM4aLal%2Bw0UhwKQBSm%2B9oLLXZEYnzQ9NonX%2BtuN8MjNfnr0OnRB01MP8X6Nx%2FsgaQMg5atHIoUdjEdf2YXRkqnzrUnocDGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
762301b66d54a883-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:29 GMT
content-encoding
br
last-modified
Sun, 30 Oct 2022 07:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=62
x-cf-geodata
AU
content-length
9035
expires
Sun, 30 Oct 2022 10:08:29 GMT
adpushup.js
cdn.adpushup.com/42753/ 		848 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0b438028bfa67d4d8e510277da5d2ef09e44259275b785306daa0194ec33eaa8

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:29 GMT
content-encoding
br
last-modified
Wed, 26 Oct 2022 19:18:47 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7
x-cf-geodata
AU
content-length
190253
expires
Sun, 30 Oct 2022 10:08:29 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJ6a+ZoGEokBCiRlYjk5ODg0MC1hNjNhLTQ4MjEtYTMwNC02YzkzOWUxOWYzMjYQ6JCNkN3O+gIaBgiO/viaBiIOMTczLjI0NS4yMDkuNzUo6OoCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQwZmYzODdlMS00ZGNjLTQ2ZWItOTIwMy1mZmM3NWIyNGViMWMYuOkB.9QiYJP0yT/podSf5cgZGgyuYmmbPk9eGWB5qYw/PtNY=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1667120910.dop232.la3.t,1667120910.cds219.la3.hn,1667120910.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
7c148bce882f57248090b6f79a0367fe.jpg
static.bg3.co/imgs/202106/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7c148bce882f57248090b6f79a0367fe.jpg?w=800&h=555&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c492670963a6d8685b9338a44c896e9d37a5291d2211eb901e153683fecfc851

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 09:51:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7C148BCE882F57248090B6F79A0367FE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH4PitSOx4wtZN6WVxjyaSh8aLpfel4eBa1Gt3LCqaTOZ%2FXRwLXJByWiagtZyC%2BdcY%2BMrfAPJhwogKeLla3PFN2xyS5gZOcNBawWmBkMcl8qqulViGk9t0WeScF9hn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b8ee7baafb-SYD
content-length
207649
expires
Sun, 06 Nov 2022 09:08:30 GMT
76d019dc915f33e832ca85683b7e91f6.jpg
static.bg3.co/imgs/202106/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/76d019dc915f33e832ca85683b7e91f6.jpg?w=800&h=600&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4b9ea70a95afad778c5588333e1fe46b8eccca216765b88ae329bb224120ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 09:51:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"76D019DC915F33E832CA85683B7E91F6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kocWIHw3v63qP8QdOXkMXtIT1haSP2XtzsjkfzAqRB%2FnXChTX5prpMIP%2F4aTJe48yIeb64oHGxDXMgROTDG%2FwejbIaqtlOBZO%2FrvRfO962XDrpipdG0Zk03XeuGLcz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d9caafb-SYD
content-length
139602
expires
Sun, 06 Nov 2022 09:08:30 GMT
efcd0bc3b2cf529ca7d2725569d73868.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/efcd0bc3b2cf529ca7d2725569d73868.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3214f17ddc3e26627a49a114528ef4964325dce904a739a7d15b8668c98c7a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 08:44:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EFCD0BC3B2CF529CA7D2725569D73868"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NdjcgVn%2FEmZes8EsgzllUvoi1gqZV%2FeDF%2B5va%2FAKezpoo2znXYYC9a4OlEy9HvZGHgcsUZiFxZfs4jpeaaXxNyF4G0SISQPNNP1NDWIHGsGavFcT1Gq7lUs50uslhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d9aaafb-SYD
content-length
4693
expires
Sun, 06 Nov 2022 09:08:30 GMT
eead79d183f8ec05bf48b0e470e72954.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/eead79d183f8ec05bf48b0e470e72954.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991e44c88b92c8794f08e6a4e069c6e19c762f7c63ee281a2c2b033add20f3fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 03:43:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EEAD79D183F8EC05BF48B0E470E72954"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb1zu016L5qN6m6kqpKJtmyYNS5o7PPki3n4CNvsXkPhJ6zIyhCxX%2BrMbK6jxRp3WX9iq6vbNioVVDrLgMJK%2BvrC2NCD7OYMqX9HRRb7WBjaRu9UJovuGiGBsOdiX%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b8ee7aaafb-SYD
content-length
5443
expires
Sun, 06 Nov 2022 09:08:30 GMT
31ba24bc89789b9e7924aea415fab199.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/31ba24bc89789b9e7924aea415fab199.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deaec616ab9e72871362b693bbf5c55f738d13bad029f7fc801db46cf4cf98e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 13:50:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"31BA24BC89789B9E7924AEA415FAB199"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1E6WPulUV5KaQhPe0vu1g%2FlNGx7Vw55W7eU9KUHA0kob8K8dXx52iXKy6DF5Oj4GqmuynRNpxIclEoCt52FOJASr37ExLATc1sG7JYc1m6UhIdFKpvdwR0pQ3WiiM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d9baafb-SYD
content-length
6433
expires
Sun, 06 Nov 2022 09:08:30 GMT
89056360e215ba6aae61f97bfee7ed7e.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/89056360e215ba6aae61f97bfee7ed7e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14d7a3f81c1b07c43bb868b6a6f5c0b6400ce7f56c919f7ebdb65e5ed7104a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 05:48:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"89056360E215BA6AAE61F97BFEE7ED7E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsXKA1mPxz3owoy8yOsadXHMTdzcLM4kXTETMrlPHfi%2Bl5VN9L%2ByDJ2OYy6IVuZ7NGNBH7c0N5OQG2YT4vp1O3RMOuUYKUZiTpEFAac5IWOqPihC0eOF9poq2UF1Ji0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b8ee79aafb-SYD
content-length
8470
expires
Sun, 06 Nov 2022 09:08:30 GMT
2fe70cc062a5a67a1e736c88cb4ac01e.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2fe70cc062a5a67a1e736c88cb4ac01e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046c4196ba90f3fdd62ac6a79afe297e49c52e6ca2affa036cc05734a5a9e57b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 09:05:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2FE70CC062A5A67A1E736C88CB4AC01E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvrKatbAWh2q3lBfkhIO9%2FgNqDgEsuK4u3Yfkqq%2BVmjbzIGllUTUyiGFs451ge84dxv9t9ECAxhlbVoaalcTF%2FC4QUu7WDkDUKjig491OTcMripJeTGJ26ScbcHJsKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d97aafb-SYD
content-length
8016
expires
Sun, 06 Nov 2022 09:08:30 GMT
ae0b16fe337436ef4a2b958fa175f07d.jpg
static.bg3.co/imgs/202105/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ae0b16fe337436ef4a2b958fa175f07d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6139013c9b03e4e9ca86a7ba3e35d5065f34b91d544d0f0592810f0176debc6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 20:38:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AE0B16FE337436EF4A2B958FA175F07D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdWeoaH7kwaYW7CslkklUU2xK4H1dmnEFq6foYnZCi0vKGcLETIuZFq6OubSwzPyhG9V2y7dBc5gJnlB4i6luTTl2FGgG5L2bfmDwKa2XZ8pPCjf7lLMpijucSC%2Fs9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d98aafb-SYD
content-length
12822
expires
Sun, 06 Nov 2022 09:08:30 GMT
539725f92fba11b3c87519a943b8113b.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/539725f92fba11b3c87519a943b8113b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c1bacc0c1dce5279effe946670ac84a9a2a143302b7b92af00016b080e50b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 00:40:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"539725F92FBA11B3C87519A943B8113B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TtH20pK3KkHIkqkzMXvMIRtcCrw9%2B3lHs5ONNMwBfqYRclpMv5vNTcEJHJWMpgZWKnn5IWTmmH7%2Bp6CnFj8lZBp4Q4jbS%2BYhT02vu5YBAIV%2BJUNDEY67DKy2rCoL0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d94aafb-SYD
content-length
9356
expires
Sun, 06 Nov 2022 09:08:30 GMT
16671f7fc0e25599e45451e25e2b5e3d.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/16671f7fc0e25599e45451e25e2b5e3d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbff71b9cab298de1d2b36ee8c6bc30d986323950c564d6399408fa838ecfacf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 02:20:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"16671F7FC0E25599E45451E25E2B5E3D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3enCMTl9WTCUrlRpTohQ%2BBr1gxKnDVvAkmv3aFaKHpDvW%2FxRGkI1bN5L%2FGLCEoeMhEXY%2BT3IVntBZyQ%2BP%2FQ7fgPKTQSSoPBiNiU0fICPPCsNqv70GS3f7V6Y%2Fih6t4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d95aafb-SYD
content-length
8656
expires
Sun, 06 Nov 2022 09:08:30 GMT
c64c4b88e3a9c5ed16882f53528b0ec5.jpg
static.bg3.co/imgs/202106/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c64c4b88e3a9c5ed16882f53528b0ec5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d29930e301c98943706a232f813e6b0496357d023d66ce24539ddce2e68d63b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 18:07:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C64C4B88E3A9C5ED16882F53528B0EC5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dktJui9Iymy2cVTDEiFXswVuy6YjApNiNOb5twjuzOhsWRjroiZemvpChxx0VTk5aSH3sMdXRKXUKQo8Sivtf%2BDdDCx20SjmJDh8Eu6plN%2F5%2Fuo2%2BV3qCClm1cV78Es%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301b84d99aafb-SYD
content-length
12224
expires
Sun, 06 Nov 2022 09:08:30 GMT
caebe3e089dfa78694af57667a8c5a71.jpg
static.bg3.co/imgs/202106/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/caebe3e089dfa78694af57667a8c5a71.jpg?w=800&h=555&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa3dd5a11a39ee7b20c24fe0f43a2b2a2e86f7aec5329ee74545f3efb1e0119

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 09:51:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"CAEBE3E089DFA78694AF57667A8C5A71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0C3l8W3P0raACDjcR%2Bd8gqKRJrE8IAq8KjqrKaW0V%2B33HXA9fDwsDK%2FnUr%2BHp0SZW%2BLxLk1nyApNQRhNBLec6V1AbHqOok77xUgElc5ZHkAbjYuVkvNxydKOUAktxak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac955aafb-SYD
content-length
178534
expires
Sun, 06 Nov 2022 09:08:31 GMT
611f2e936a6414b9f44167ef79f9a511.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/611f2e936a6414b9f44167ef79f9a511.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1235a29955a58c7ab1047cdc7b7a605ea49a58a0a0e96242f3fc4b209cd2b72d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 01:24:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"611F2E936A6414B9F44167EF79F9A511"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkiWr5FrdssrqAFmN4jR%2B5V31%2B4easZOB47RtR3OTCMa2a%2FFxx8Gl9oqf4UZ7FcdlEtJhibpB7D73P3hc0iZr%2B7iIu8NkgMrlhQALZgUVP3UXWZBpVCQvmrvCRP6DRo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac959aafb-SYD
content-length
6764
expires
Sun, 06 Nov 2022 09:08:31 GMT
aaeaf5c06b62d77b7d04c29208a9afdb.jpg
static.bg3.co/imgs/202105/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/aaeaf5c06b62d77b7d04c29208a9afdb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7486f391bc8fe950f051973ae6b6bcda5587c0f2ad5d06b317859f2f18a62683

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 12:05:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AAEAF5C06B62D77B7D04C29208A9AFDB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67CxbnikPdADcr21bF4t4Pj5YwrvNOqo%2BGAiPNsfB7ypgud7aMp1paTcC7k03HPEkmo4UMHDtdn20fI6i9KsYazcqD7hApVo1Yi8BFZ6%2FMjBYpC5FR0%2FN7MBiICrm%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac95caafb-SYD
content-length
14221
expires
Sun, 06 Nov 2022 09:08:30 GMT
d4b66318b509549d1c8733a40e735ce8.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d4b66318b509549d1c8733a40e735ce8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11500ad29834b77c9418c6bf4675aebeaeb0134175d3efac013eb934775c15f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 13:04:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D4B66318B509549D1C8733A40E735CE8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9oICrmq6QBNAA5Q49KPkcQJxvqdEsIOaeLJuL1ogkU2%2F83GMMh4r5Y0uBvtUDQqFdfYdMYAGfLFlijL%2BMV7eErM%2BFip20zdcwRkzUueOXNeG88hE9byLNP5xmXow1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac95eaafb-SYD
content-length
11396
expires
Sun, 06 Nov 2022 09:08:30 GMT
34c9f701d3c3b6db7042d8b7d2da4fe4.jpg
static.bg3.co/imgs/202106/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/34c9f701d3c3b6db7042d8b7d2da4fe4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8f41bcf72d52660a42d61167db039b5d785675c74d57b13ff318143350973f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 07:27:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"34C9F701D3C3B6DB7042D8B7D2DA4FE4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW%2BgFwlo8HeLiTFM6g6toe0QxwxdfmrFFQ0IGxQpYlYwp3PySQB7cmsmTj2n9vF4ZPEz5JeRyHJ6oowH%2BxBDQkUeqR%2FxoiXRCmXVVLN349GUVRwhsKC1%2Bev%2BgcFAtMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac95faafb-SYD
content-length
7400
expires
Sun, 06 Nov 2022 09:08:31 GMT
77b0c879a3ad047a05b619fa7c80e425.jpg
static.bg3.co/imgs/202105/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/77b0c879a3ad047a05b619fa7c80e425.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a64559251d22e177481e823ab195125df6201e95b60354faf5fad87afea386

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 10:13:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"77B0C879A3AD047A05B619FA7C80E425"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9Sw%2Fp3Y8jMoKioGbpF4FEFQzZsi94EoHqY6WkxpDUmVOnRlOzf7BlAUJQCeiterk4X51UNaJZYsJ454EME5bZIekYnQ1dB4Qti%2B7h03oQ76CRb%2B%2FindCVtuUxho4v0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac960aafb-SYD
content-length
2544
expires
Sun, 06 Nov 2022 09:08:30 GMT
39266b6ee3a9f1ca96aa2d6e5bae5cbf.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/39266b6ee3a9f1ca96aa2d6e5bae5cbf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc839e2b8061fd18ce70846df02ab475717bec1b85317223b8675ce068c9e238

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 09:48:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"39266B6EE3A9F1CA96AA2D6E5BAE5CBF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpiUTV30Hpogwhe3mzokXRsBwtlCJQzeEqL7U%2FzvoGYVRSVL9et515nLKTuJ%2BGWjNUR6TdiXlgi0VXY1cc0hXs3iO7DBifFlCz%2Fg3Q8aJrJ%2FBcvhZGyEqMN0%2BZmZCcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac961aafb-SYD
content-length
8004
expires
Sun, 06 Nov 2022 09:08:30 GMT
b9c9ead9ca283b0b348a455c29b76681.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b9c9ead9ca283b0b348a455c29b76681.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b05f1317c1890e72e2fa3990704371ae45dff00c861b84ae8afd0b5915cde8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 23:46:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B9C9EAD9CA283B0B348A455C29B76681"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j4YTIDjHl25UOTlyETFCr4iD24q7ITBIAV2a4Hv3YRj8YW3FlVnxZ%2FXA5887tdiJn906Wt6ukhkbh55KlXxbJYyGm80LtB0J5dxy3gOfuqboFKSCZ0q%2FfXGY5gW84o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac963aafb-SYD
content-length
7747
expires
Sun, 06 Nov 2022 09:08:31 GMT
35d892ff1c79e28f745eacf23e58267c.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/35d892ff1c79e28f745eacf23e58267c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8510ac1dd6b0e066b605d40a9f8c8922eb42dbc7d7c3d4c5b343f3d7c1f786

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 01:49:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"35D892FF1C79E28F745EACF23E58267C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eOulPF33Zba5oFdIk4ilijtGKTYt5KLxP8s39kmQFTi2hgY0NY%2FGQMIn8QMDUuAly2HAxNfXDMFWkt2NjwNGzosTvX5Y2K%2Bg7FCgKGlUh7OpF1zeeA%2BiCb9sqvD%2BrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac964aafb-SYD
content-length
6735
expires
Sun, 06 Nov 2022 09:08:30 GMT
68af95b535dd21ae681fabce89bf4f49.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/68af95b535dd21ae681fabce89bf4f49.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3deb24ca4332d5c92047aaf3c11f43bc620b423c98b65c51f262c1cdf90dd343

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 08:54:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"68AF95B535DD21AE681FABCE89BF4F49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwO%2F81dlELeil%2FMQCI%2FOlMEU1YDfi6UuS4cReTBrJBp5%2FVYUElXSfEGojcSG69hsWCOkjwRCTpzeOGcrMre9AfY4RHhwF3QXBwQUk%2B%2FEaWfmc3WQFI%2F3Lcf6%2F7ToXsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac965aafb-SYD
content-length
2929
expires
Sun, 06 Nov 2022 09:08:30 GMT
f15588accee4c51b5c21ab20d81de10a.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f15588accee4c51b5c21ab20d81de10a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6a5c04df0e2d77fbdfd9f5eee27037d67e82f26e9a233379b7964e5401146b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 09:48:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F15588ACCEE4C51B5C21AB20D81DE10A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzwZjOmmwZZ4RxnfeWBwEW0p9pmyiQCSc7UkNZ9Cv85tVZP9fUQ1%2BHgPJx9Me%2BpY7zggu8hmK5xTlQP6%2B9qmw927NH9Y6YjUf0wdEjBGwGla7NUGOu8u0Kb6i%2FeflhU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac966aafb-SYD
content-length
5464
expires
Sun, 06 Nov 2022 09:08:30 GMT
7e3cc44c2e7bc8aa06f5443b58594f79.jpg
static.bg3.co/imgs/202106/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7e3cc44c2e7bc8aa06f5443b58594f79.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd3b761e0e5ec9cac677e0ac84730bf2129382f084f215b8a4a9eb48cca8184

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 09:51:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7E3CC44C2E7BC8AA06F5443B58594F79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9LNBZLxj%2BbCz4dx6CELks6wQtYJlCAaYfL7qPvad8mhKzJbs5x3zqzeVnhiHhHkx58NZuWEHzuaw7R0xtOGLbOzzlEr4J2L1xYP4rZIzmYxlTsIOezkiO4tQP7P5O8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac967aafb-SYD
content-length
132514
expires
Sun, 06 Nov 2022 09:08:31 GMT
c22b911010bfeedabc6fc2faaae5c762.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c22b911010bfeedabc6fc2faaae5c762.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c47bcf82a73a53d2f1514c01c144e59298d29f5ebc75c0bb5499fead4e91d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 21:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C22B911010BFEEDABC6FC2FAAAE5C762"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMLmvrW%2BxJ5wv4%2FF5LclvJL%2FAzWqG94Jb0vQIv4%2FDER7csb8hJ20W56b49z01HVRjr7UPV3qVw5BXxq3juyrnJZk05gLorTVA1oRrn%2B85%2FWyrCd4dsMz3Ddi7MjFCbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac968aafb-SYD
content-length
7902
expires
Sun, 06 Nov 2022 09:08:30 GMT
59bc7db06d6ba63a1f3b810dea1dd4d1.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/59bc7db06d6ba63a1f3b810dea1dd4d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5350173a6a42d5440f01475cdd5450346873e913280d9a429079c96df993eb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 10:35:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59BC7DB06D6BA63A1F3B810DEA1DD4D1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1t00p2aE8ORg4W7BSJZ%2BuBlV8kb0SIS8d%2F5zVALXtIxPlfcBROxE5LfEFN2iAu%2FdjZ%2Byi%2FHJMp4TNoT4pbYGagRdwUl3jKiBDC2KQTnIqXIZc%2BXQrtvhCGIzk94IiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac96aaafb-SYD
content-length
6989
expires
Sun, 06 Nov 2022 09:08:31 GMT
5bb27fa80f4424c9032f20f06a500301.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5bb27fa80f4424c9032f20f06a500301.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d87329328583cde577a8bd57fa210f86a6e48e79311f7c421b1d29594383703

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 12:05:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5BB27FA80F4424C9032F20F06A500301"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVpxVrbxq9LdWcGHV56pV8n26V3Rsxiw3FlMZeaHf3bwXhq0mAURb6DAQ9PXYQpQbYZ%2FrZlfBR3Ed1IPHaJzrsJpa1o4Pp8zhc3uTLXBFxJOVsOsd34eT4efvyQisLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac96baafb-SYD
content-length
7128
expires
Sun, 06 Nov 2022 09:08:30 GMT
7c56efb8d347ce8693349895fdc66824.jpg
static.bg3.co/imgs/202201/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/7c56efb8d347ce8693349895fdc66824.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e733a5425d1408ee7574730bd0d7f2d7ad1b8aab65c7caf090480bab275f22a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Jan 2022 10:16:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7C56EFB8D347CE8693349895FDC66824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDiW3IQy6%2BUtFBltTEIYPlVq6jIfcbYU09ij2x2LZ7Mmpw2v%2FGA2UDMvdEmnWaXVFVtCb2X%2Fh9mECUPQRIzAvjjc8eJF7bR339UPGDHQxL1v5Hco0qPIJoAxkIf3hl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac96caafb-SYD
content-length
4083
expires
Sun, 06 Nov 2022 09:08:30 GMT
e10c86f73b55d074c4f082ebb8e52686.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e10c86f73b55d074c4f082ebb8e52686.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a96f7c720bb3051a55f893575c800365cbc2132bb0037a189449705863ab2b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 22:39:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E10C86F73B55D074C4F082EBB8E52686"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYz4AWohldSPdXcusae%2B0hfnIGhtxYS07v0kdbh1x1vZpA%2FHTdIOWQkNWhmdoKhjCMNEm3ewVHP7MqLAJdYRwJmir7K8wHSFcT0N%2BX%2FPX6uavdRVggFvHfV8S5KYklk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac96daafb-SYD
content-length
11014
expires
Sun, 06 Nov 2022 09:08:30 GMT
9db4ae922ecc827fb0430facca35e8c2.jpg
static.bg3.co/imgs/202105/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9db4ae922ecc827fb0430facca35e8c2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476e63a6d29df70d70d6feac80a366865900053a593ee6c2c17f4f2ca426cfbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 20:25:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9DB4AE922ECC827FB0430FACCA35E8C2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VNxdvAdYQ9m3emXDc2GfaB0Uqy30sc%2BOBlUzwv7Gq6gCtYUXU5Xo8umqC7zNajwYMkfK0Jjt7TVCxNe4O1FapqpTGTJ0YJoPaciLGvujNWwGE4pcu9Igm%2FSWWxlVjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac96faafb-SYD
content-length
13937
expires
Sun, 06 Nov 2022 09:08:31 GMT
e93799e5d9ee16d90fba3da15bdcf917.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e93799e5d9ee16d90fba3da15bdcf917.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6718dfbc1923fc97d8e7b451aba19807cd323c1d4cc60d01ed92a2dfbb528b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 19:59:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E93799E5D9EE16D90FBA3DA15BDCF917"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtbzxnlfOvlg6umXOicU2Re6s0%2FA6ya3y2V31OtcYpsjHtVZUF2VMA4ETG3fP78k%2FJdnvi4ggLcqIQuGoIJuju6KCICpQwgpduZ%2BPo3XCZ4GcErkCUlfE33ZUJ8WeoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac970aafb-SYD
content-length
8116
expires
Sun, 06 Nov 2022 09:08:31 GMT
57f067b51b15045ffb28e7f44b9bc72c.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/57f067b51b15045ffb28e7f44b9bc72c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ca71e42807ca4edcd88f4df36fb382ca31abaa167e961b5d8821b90df84753

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 12:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57F067B51B15045FFB28E7F44B9BC72C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0%2FkpaIVWCkHeiJlKPcxKMJrGRia9VUIGpNntfKOZptW109C3WZYfxEOUOWBBXjZ%2B0Hz6ASQWr9DHoXCAPRwOp5s%2FnUNsy0acjKe8hEfcGfFuO93tUG%2F4suEkldLGpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
762301bac971aafb-SYD
content-length
5939
expires
Sun, 06 Nov 2022 09:08:31 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
eca37871db74e9bfe2f151b95a17fe2d97f240c7db8300c9e2ad200772d383cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Oct 2022 18:57:58 GMT
age
51032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"41b57bdb55ba6b86"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 Oct 2023 18:57:58 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1015b52f3adc6a317d7cb0d123b45eb32ef3cc33289e122d7b31fd04dcaa1398
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 09:04:42 GMT
age
173028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3838
x-xss-protection
0
server
sffe
etag
"b3bcb79edd33208c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 09:04:42 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a9b53e109c7232f3045fe2df204525df9a166743f8fc0b9285bca0c227168413
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 22:16:08 GMT
age
125542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23048
x-xss-protection
0
server
sffe
etag
"bccc869aadbc1eb4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 22:16:08 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
8e4c70d820fe0f08846c3a7f39a1406a0094ed48b7c3528889d0ddb9c4799337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5073
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLm709JLEJuHkfCY7PG4E5SanNtudqgNy%2FLXaoTSYNqMrLyHyubR%2BDABIrL9wPE49NpMOsr%2BtX9ny9WBw7zbbLlFguHCp%2Bk2tkzEETcY4oQcHpIb9wsLyN6R98fx1aE8EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
762301b72e23a883-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
f37313be4c9b0aa8e82ddccb1e068330ad4cd20d66fd997551dbf845bfbc21fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:30 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
f37313be4c9b0aa8e82ddccb1e068330ad4cd20d66fd997551dbf845bfbc21fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:30 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8625694573548042&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:30 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.43110358940982185&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:30 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:30 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJ6a+ZoGEokBCiQ0MTQ1ZTJlOC00MTU2LTQ4MWYtYTdiNi04MWMxMmM5YTE2Y2QQ6JCNkN3O+gIaBgiO/viaBiIOMTczLjI0NS4yMDkuNzUo6OoCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ3N2ZjOGRjOS1jZDMyLTQ3NTktOGI1My05ZGYwM2Y1Y2Q3MjIYm/EB.RzcAysT0+WBUV/3Wb4aMx5m1qsvthSKoa+TYHWbdlhs=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1667120910.dop232.la3.t,1667120910.cds219.la3.hn,1667120910.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
cd247b5b6412f4a83d6be7f1addf05635b26635e6a6ffb3db69b95fe940c4917
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Oct 2022 22:32:38 GMT
age
38152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10256
x-xss-protection
0
server
sffe
etag
"23f464919529ac52"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 Oct 2023 22:32:38 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
dba93323689cff5411c64ff0756958c6ccb41d970f9b017a4bc76a38954d0e4b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 26 Oct 2022 23:03:31 GMT
age
295499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57887
x-xss-protection
0
server
sffe
etag
"2949ba982c8f3926"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Oct 2023 23:03:31 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1667120910629
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:30 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Sun, 30 Oct 2022 10:08:30 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4E4E 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
10dbcc9899f52c4f2a795c011ece789a1f42fe6cff023fd6e99992d09503e68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40200
x-xss-protection
0
server
cafe
etag
2426940845354888218
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:08:31 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
94168
expires
Mon, 30 Oct 2023 09:08:31 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
317
expires
Mon, 30 Oct 2023 09:08:31 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
17440
expires
Sun, 30 Oct 2022 10:08:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
eb8304092bddb1608d9d661895bc22294ed02b1c2ebf3836be696ecaaf5e84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
etag
"1378 / 689 of 1000 / last-modified: 1666994710"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Oct 2022 09:08:31 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:31 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame ED33 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ce3df553e2adedd420d3d416dc241aa6c5fc98fdf181e7d50bc35b07e509c7bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40206
x-xss-protection
0
server
cafe
etag
16912342925173540984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:08:31 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-7042014433843010914.ampproject.net/2210172057000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-7042014433843010914.ampproject.net/2210172057000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjcxMjA5MTEwMjksInBhY2tldElkIjoiMDAwMEE3MDEtNWY5ZjA1MmItMzVmNi00NjVhLWE5MGEtMDBkNDgwYzA1OTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvdHN0dWZmLW91LXlhbmctemktbWVpLWh1YS10b25nLWt1YW5nLW5pLW5pLWJpLW51by1udW8tc2hpLW1hby1xaWFuZy1kYW8tc2FpbnQtbGF1cmVudHp1aS14aW4tYmFvLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=3755.9000000953674
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjcxMjA5MTEwMjksInBhY2tldElkIjoiMDAwMEE3MDEtNWY5ZjA1MmItMzVmNi00NjVhLWE5MGEtMDBkNDgwYzA1OTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvdHN0dWZmLW91LXlhbmctemktbWVpLWh1YS10b25nLWt1YW5nLW5pLW5pLWJpLW51by1udW8tc2hpLW1hby1xaWFuZy1kYW8tc2FpbnQtbGF1cmVudHp1aS14aW4tYmFvLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=3756.6000003814697
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjcxMjA5MTEwMjksInBhY2tldElkIjoiMDAwMEE3MDEtNWY5ZjA1MmItMzVmNi00NjVhLWE5MGEtMDBkNDgwYzA1OTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvdHN0dWZmLW91LXlhbmctemktbWVpLWh1YS10b25nLWt1YW5nLW5pLW5pLWJpLW51by1udW8tc2hpLW1hby1xaWFuZy1kYW8tc2FpbnQtbGF1cmVudHp1aS14aW4tYmFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=3756.9000000953674
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjcxMjA5MTEwMzMsInBhY2tldElkIjoiMDAwMEE3MDEtNWY5ZjA1MmItMzVmNi00NjVhLWE5MGEtMDBkNDgwYzA1OTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvdHN0dWZmLW91LXlhbmctemktbWVpLWh1YS10b25nLWt1YW5nLW5pLW5pLWJpLW51by1udW8tc2hpLW1hby1xaWFuZy1kYW8tc2FpbnQtbGF1cmVudHp1aS14aW4tYmFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=3760.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjcxMjA5MTEwMzYsInBhY2tldElkIjoiMDAwMEE3MDEtNWY5ZjA1MmItMzVmNi00NjVhLWE5MGEtMDBkNDgwYzA1OTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvdHN0dWZmLW91LXlhbmctemktbWVpLWh1YS10b25nLWt1YW5nLW5pLW5pLWJpLW51by1udW8tc2hpLW1hby1xaWFuZy1kYW8tc2FpbnQtbGF1cmVudHp1aS14aW4tYmFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=3763.2000002861023
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7278 		714 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
762301be5dd6a937-SYD
content-encoding
br
content-type
text/html
date
Sun, 30 Oct 2022 09:08:31 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH2P5wrKJqOa%2FgAxhjilACI6Y68MKAeTS9qzxHErfXTG%2FJfOJMvMVULinPQy0XNPlpsa7UHh%2BirKlWWODCr9Y90rGfcLWCQFZVtvbytCJ6l2byQitA2p7mChMozSftka7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:31 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gtag.json
cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 15:42:58 GMT
age
235533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"0952bb84868037c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 15:42:58 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame F020 		714 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
762301be6ddba937-SYD
content-encoding
br
content-type
text/html
date
Sun, 30 Oct 2022 09:08:31 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IH%2BfUUFx9TtvlOFAmLq2LK%2FlJ6%2FHCr%2FCkm08f05MG0%2F68pSLC87JB0VrLXboTobMoc%2BGpE4oP10sYgMssc4gCDUPaj0H7qFAYosh7HeEN63kM4SDRuILEu%2BzV%2BL2odSqwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7278 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
83afdfb46b46b56ab820dcde57ac11b2e9874d8ede9cad19b7f141ad981f29d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27396
x-xss-protection
0
server
sffe
etag
"1378 / 125 of 1000 / last-modified: 1666994777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Oct 2022 09:08:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F020 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
eb8304092bddb1608d9d661895bc22294ed02b1c2ebf3836be696ecaaf5e84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
etag
"1378 / 347 of 1000 / last-modified: 1666994710"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Oct 2022 09:08:31 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ Frame ED33 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9e493857ba8e0f8232ddf47ece4c91e723dec3411d6f9ae9d1b8a38a99ef811d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118883
x-xss-protection
0
server
cafe
etag
11354181022762907081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:08:31 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame 4E4E 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
11c6433ab25d057157166511f56031c32b06c839f8d513ea71a603d6c407b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119017
x-xss-protection
0
server
cafe
etag
13768669059418203704
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:08:31 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51320a20116f7c0177e7c3994e087c1c9f0a84eaa3562ef0cd6d2b5a566bd578

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
etag
"7pGeWjRhzCC16lj3m64eWg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 06 Nov 2022 09:08:32 GMT
pubads_impl_2022102501.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 23:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130606
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 08:35:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 23:33:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 30 Oct 2022 09:08:32 GMT
pubads_impl_2022102501.js
securepubads.g.doubleclick.net/gpt/ Frame F020 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 23:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130606
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 08:35:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 23:33:20 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=HOT%E3%83%BBStuff%EF%BC%8F%E6%AD%90%E9%99%BD%E5%A7%8A%E5%A6%B9%E8%8A%B1%E5%90%8C%E6%A1%86%EF%BC%81%E5%A6%AE%E5%A6%AE%E6%AF%94%E5%A8%9C%E5%A8%9C%E6%99%82%E9%AB%A6%E3%80%80%E6%90%B6%E5%88%B0SAINT%20LAURENT%E6%9C%80%E6%96%B0%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-xsJp22PgIWWqIlQkeD2sxw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.16535397338628277&gjid=0.3503370761632252&_r=1&a=2997&z=0.3650745407727811&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022102701.js
securepubads.g.doubleclick.net/gpt/ Frame 7278 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 16:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130801
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 08:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Oct 2023 16:13:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BC47 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
77dcb0c5eb70decd65ce173b46dd4cde176193779d377856450d2699becd347d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11022
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:32 GMT
expires
Sun, 30 Oct 2022 09:08:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221030
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e2a2947239f4e8426282e3f7aedbb66ee5eebc059c6ea4baf395df9f20d8df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22045
x-jsd-version
1.0.1508
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4536-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-zWGVT1WKX5bWdFslOumFw0QLa7w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9A0DnCVD1uhXroQd2FUVuMLkfyAkibCRfei2i33Tw9zSjJINniSLrcKrAz5PcZmyWvOIBb8Vmcpuu5IbxsDu7Yko6LQHCMZiEFr9upx0RzfMNDwKLH6PP8aYiKdcQjBxHZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
762301c53d9fa968-SYD
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=84061258176
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8abf1f65-fa03-42a7-80bb-98c4ac1e9d26%2Cdbf0a976-8682-452c-a72a-31852d2853f8%2C8530296d-3a9f-47f7-a546-d463dea8ede0&nocache=1667120911965&pubcid=25250a8c-092a-426e-9630-e864ee115a5a&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
dd5f747fd5f3e8b95ee6d2d66576e30e5daef7c24007c93de23eeea544ee8d2f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cdc0b7cc-1277-499d-90c1-adc429c7084a&nocache=1667120911965&pubcid=25250a8c-092a-426e-9630-e864ee115a5a&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a0eaec9b-225e-40ed-883c-f791cbb680e7&nocache=1667120911966&pubcid=25250a8c-092a-426e-9630-e864ee115a5a&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=42b10373-4962-400d-b1de-9b830a9172ed&nocache=1667120911966&pubcid=25250a8c-092a-426e-9630-e864ee115a5a&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.168.236 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-168-236.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3d889c0fdbe7f03fabc30f2135428f2a7f73a95a36e69e48ce090cd99c2537d0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Oct 2022 09:08:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 30 Oct 2022 09:08:33 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.60.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-60-42.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a76a6238b8cdb00c18530747e67fa0d09d32ecf9e57a081b7ab43679e2246216

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.60.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-60-42.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2a739e68776bf599cd8b0377cb761f08570c968705c5628858c1a2a742d4d13b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.60.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-60-42.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
9ce1d538ed806f3be2df87a671a35692e58fec4c046f5553aaedd010e12e66ec

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=25250a8c-092a-426e-9630-e864ee115a5a%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=231ccdab-5ce7-490e-a75d-bbb65844591b%3Bbb8e20e3-b751-4ac7-acb0-6ae6e2e9deea%3B5aa4aae6-5b30-4cb5-8666-3ce039c0a65d&l_pb_bid_id=3719c030c4ff35d%3B38a3351a27da5c2%3B3997cc4c5a7277d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3475024583782609
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6424a50d0985ef9a971939cb454016d912617332f035368042af6724ab6f97c6

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.47.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-47-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
8
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
836b73722f6a2d319944c45101f9d7e59f5199932e1c999e328ab4c1ce61b5f5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
124
alt-svc
clear
adreq
ads.servenobid.com/ 		608 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7810
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fee4affdb3a01482848e0bf5da6a12a2c8944473d7e0eab08663fd04a3621e2a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		584 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
994612319222f44579eb573fc60ddbd75587d6555696574a0b6f920f9b2db0ab

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
190
content-length
300
prebid
ib.adnxs.com/ut/v3/ 		378 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5e47c752756b3a9e250b552647f7097af65a9bc54f1d399dc2423c2ad7fc1b8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:32 GMT
AN-X-Request-Uuid
c137fd6d-36e7-4eb0-9eb7-17277cb42549
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.75; 173.245.209.75; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
378
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2262f5252e31a646a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2269e317fe25abe95%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2272d25d5699fa504%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%227368c6048157adc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225250a8c-092a-426e-9630-e864ee115a5a%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dde9f99a8bb662b12bae6bff32f93e6a0100daab85e51e1cb174b747881b6f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX9MCW7KN75aRGmtpbNjn3ti3M%2Fai9rHV88lOgsky7oeQKj98ZkoW33RsSuMQFEljBF7qVx7aq1x36pHACZL7qKf36Hqn71IeYwCHKMJJnoT0HMvxPp6vt%2FgrNFucFu0Z0KOfn1q"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
762301c59c27556f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2262f5252e31a646a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272d25d5699fa504%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%227368c6048157adc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225250a8c-092a-426e-9630-e864ee115a5a%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dde9f99a8bb662b12bae6bff32f93e6a0100daab85e51e1cb174b747881b6f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxs5kHb%2FNGsSBnS5thJnra83Bx3fwZQIM2c2pXt20Y2nylSKqqvky7%2FWoYKz5iAQW%2B8LXNdU2tRrRmQrb86u%2Fp4Up%2Ftt2YHthHpH6hAuFMy83D41nqEV2O4Lgjy1Fl3y%2FeDJaWxo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
762301c59c28556f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame ED33 		379 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
02d0925c68229d0bd98f3af1e09778e698509326d301c8dfce35d764c4624cf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame ED33 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ED33 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame FDCC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.103.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-103-27.hkg60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1032
content-length
673
content-type
text/html
date
Sun, 30 Oct 2022 08:51:22 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f38a78a2a0484ca72b698f4e2dc320f2.cloudfront.net (CloudFront)
x-amz-cf-id
5w7563ekt3TBEcedLdEag7Rv0P6Mw2SXypAmeRRuAK9fAAC6Wzt08g==
x-amz-cf-pop
HKG60-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:32 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 4E4E 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
e50585f1f8ba96a3e0141113d447927d79a13fb9fdec396a22d39234731ba4cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 4E4E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4E4E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1DEC 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
216e74d3380039780456b15f952e178b66899439035f4dcd97af8dcbaeeb665f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10676
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:32 GMT
expires
Sun, 30 Oct 2022 09:08:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.103.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-103-38.hkg60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 08:16:48 GMT
via
1.1 2c3102a3dff8da527bfb867c7b7300ce.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG60-C1
age
3106
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
HUZjspbPYa27L1NWqUm0YHKeBL_kc2H4ux57PwcGqmLMZ3ghD1Hqdw==
adview
googleads.g.doubleclick.net/pagead/ Frame 5C3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzQn8ED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSLAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogovIuKAkxbXjzgk_KdgdrYH0XxTsR1SXzPj0j9b0Vc847K-o2bdl4AGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=Zc6MvjQu-qY&uach_m=[UACH]&cid=CAQSGwDq26N9JAP6BUtUmAk1RUfP0WmNeTLHqf68aRgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Oct 2022 09:08:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 30 Oct 2022 09:08:33 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 5C3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6XEFNHxBqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQED9eYyk7ALUKwYCEGdJYABIAAA&wp=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
194315
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame D401 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6f4bd941c07cb2c617bc15470f5acca9457b6962274c81639745d09eba68d6f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=O0yXankzEDP4Q5mLPwuh0NhCi6O8oOCFQrTZJniPV_8IydKuJVjXDf4ybyNtk6diAxV2ZzPqYfe1Wxm8RWCxA2FGYea-6hjPO02dyYrgQHSmFVN2Gw7S9LfEGsEJU-F6amT1s1rN3fUaNyRGLEVIj7VoiX-lECXkhBcgk957Ww0xNZKIAZF8wiIAQPcWTpoFQNYdENfvuQWj6qldvMtNAvsvDKt5FJfPZyYVu_fjU79mV6DFPtLOOeVdclt_PgFoLPoT7Q_WwFAufjlI"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
9770903
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5C3D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5C3D 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C3D 		153 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:33 GMT
integrator.js
adservice.google.com.au/adsid/ Frame F020 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F020 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F020 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3844432172891495&correlator=3564630248168730&eid=31068498&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1667120912922&lmt=1644386353&dlt=1667120911166&idt=1738&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=x792a6nol6bt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=165704864.1667120913&ga_sid=1667120913&ga_hid=1225108070&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
8440cb7b89dd4722955bab6fc98b3056b0f6a64f51c577950f44d59c36d6c2cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22E6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:33 GMT
expires
Mon, 30 Oct 2023 09:08:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 7278 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7278 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7278 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1176044551974095&correlator=36609440628371&eid=31070619&output=ldjh&gdfp_req=1&vrg=2022102701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1667120912977&lmt=1644386353&dlt=1667120911159&idt=1795&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=kawx6jkxygdb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1981540126.1667120913&ga_sid=1667120913&ga_hid=838343508&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
849cb340b3f2d2e47c6cf051cfb9ebdff7f21dd1b6571f243b750c92d963a9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF66 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:33 GMT
expires
Mon, 30 Oct 2023 09:08:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame BC47 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvM1XED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSRAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mFxLkFHnusUKJ2y2OWCfFBUkOZCv_pwSZbDxTnCUXj4n6Ichz-FF4AGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyMTYyMzE5MzU3MTMwMzgYAA&sigh=geTa-op4FsQ&uach_m=[UACH]&cid=CAQSGwDq26N9vU6W3OBAI-o2S4Qxp8tqK0M22ZA8rhgBIBM&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Oct 2022 09:08:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 30 Oct 2022 09:08:33 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame BC47 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kc61FMr6RJAD-gFi-C0SAgAAAOoeEzCFSzSxX721iRAQP15jzTqOI_stpyLBbs4AEgAA&wp=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184595
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 29DE 		152 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
18f0136590b2edd53cf0e84b02d9925dee208b74c5797d979be6dea7654cdfc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=x9oyvnkzEDP4Q5mL6gJ2chtZTpDbjRWdk4GqKykyKG2PeFK0t5TPKAeQRuXlSp51V29GLqksn5LQh6TXRSgXLH41zgxL-hfKeCAElgg_Bu4YinhX78BN2-cEZ75ZmRdET7goYfN98J84Pn2MDPQRrDvqsxCvpWqkB44CEGtJlEO8RrDQ1U9x_vED-ZaTibh1yZzoRxdSZxJRhdozT2Xs9rKBttC5q9d19TsILRddKOgLWepX4_GxZw5b74Aem3jRRn8Vc17EEHAFGU6f"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
132175545
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BC47 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BC47 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC47 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16765092863665075077&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3401&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=222002997&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&ga_hid=2997&dt=1667120911306&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&bdt=2561&dtd=309&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:33 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI1MTcxNTlfMTY2NzEyMDkxMzAwMCIsInVzZXJJZCI6IjUzOTU1M18xNjY3MTIwOTEzMDAwIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiOTA5NzYyXzE2NjcxMjA5MTMwMDEiLCJwYWdlUGF0aCI6IiUyRmElMkZob3RzdHVmZi1vdS15YW5nLXppLW1laS1odWEtdG9uZy1rdWFuZy1uaS1uaS1iaS1udW8tbnVvLXNoaS1tYW8tcWlhbmctZGFvLXNhaW50LWxhdXJlbnR6dWkteGluLWJhby5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRmhvdHN0dWZmLW91LXlhbmctemktbWVpLWh1YS10b25nLWt1YW5nLW5pLW5pLWJpLW51by1udW8tc2hpLW1hby1xaWFuZy1kYW8tc2FpbnQtbGF1cmVudHp1aS14aW4tYmFvLmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoibm9QcmV2aWV3UGFnZSIsImV4cGVyaW1lbnRQYWdlIjpmYWxzZSwidGltZXN0YW1wIjoxNjY3MTIwOTEzMDAxfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvaG90c3R1ZmYtb3UteWFuZy16aS1tZWktaHVhLXRvbmcta3VhbmctbmktbmktYmktbnVvLW51by1zaGktbWFvLXFpYW5nLWRhby1zYWludC1sYXVyZW50enVpLXhpbi1iYW8uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaG90c3R1ZmYtb3UteWFuZy16aS1tZWktaHVhLXRvbmcta3VhbmctbmktbmktYmktbnVvLW51by1zaGktbWFvLXFpYW5nLWRhby1zYWludC1sYXVyZW50enVpLXhpbi1iYW8uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 30 Oct 2022 09:08:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=202
content-length
555
expires
Sun, 30 Oct 2022 10:08:33 GMT
pixel;r=1310766282;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html;uh=e51ed67dfb8d9...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1310766282;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2054909376-1667120912320;pbc=25250a8c-092a-426e-9630-e864ee115a5a;ns=0;ce=1;qjs=1;qv=acb00a35-20221027125754;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1667120913185;tzo=0;ogl=;ses=a54bec78-67b4-492a-a005-c414ca169747
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/ Frame 5C3D 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28879ea471ea3d67f6046e731997bb213278fc408859913da3fa73aafb14b8d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC47 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b94a487fd57ffa8ae35f70c4c3dd9cba39b41a8ce508f186d89e5070b20dae5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b20d90c8336a95de38d2fe3667c3204e793b1bb2356b220e56317281100df3b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 Oct 2022 09:08:33 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9ob3RzdHVmZi1vdS15YW5nLXppLW1laS1odWEtdG9uZy1rdWFuZy1uaS1uaS1iaS1udW8tbnVvLXNoaS1tYW8tcWlhbmctZGFvLXNhaW50LWxhdXJlbnR6dWkteGluLWJhby5odG1sIiwidGltZSI6MTY2NzEyMDkxMzUyNn0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
server
nginx/1.14.0 (Ubuntu)
sodar
pagead2.googlesyndication.com/getconfig/ Frame F020 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
26ba495159fa2fbbcf392078537007714892a5738e18be304a795ec1cc7d03e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11240
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7278 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
6df235f3e73733a2e11ec568689cbd8d7833e093fed8f325ab39382d333b5eea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11064
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame D401 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame D401 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D401 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 25 Oct 2023 09:08:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D401 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 25 Oct 2023 09:08:34 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame D401 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=pFcmRVqMiUBAizzWJRFQtuweI7yWPzpF34Zr9ImFT0IRjXzshh9A3eyWbKiVyC4KHiFStJPqRNrK3mJ9Pm5ewV4FQioUfWa9MudHdXikxAb3-ks87JGUtvrjXINK_d0SJ_9tV1vzPWkg9ik3eZNHawIPTaWzE2YUba2rQJ-OWk601Q6awUngmWs9OPC1ZBnydWnAf0XHh9C85SeiYq8bTV3ypFq8acKfKKiICV8xwEghfbdmLiMneYfZFThFV7lSzpO7wfCGBKQPMJ5ldzj3P8uSTenGRQZJTH1TDBgsR3KjMpYmYeVqvjRlVqAu4Xa2sE1jYZIVgjJctxdg_uwEUL5R8gF7zHYbc0QVGfxKuG54h1MNTJzWia7a8RyzNrYTHuRose0FBN_I72RQuZM-NR-2H2MpYbamhMLsrvzDiRb4OE5cUUBXI6Bfu9xTSPqKwyDeLg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2746176
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame D401 		0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192271&sid=3129&plc=6795095&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0&
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.110 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:36 GMT
Cache-Control
max-age=0
Expires
10/29/2022 09:08:36
index.html
static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/ Frame 38B7 		63 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:34 GMT
etag
W/"632beb8e-fd81"
expires
Wed, 25 Oct 2023 09:08:34 GMT
last-modified
Thu, 22 Sep 2022 04:58:54 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
privacy_small.svg
static.criteo.net/flash/icon/ Frame 29DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 29DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 29DE 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 25 Oct 2023 09:08:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 29DE 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 25 Oct 2023 09:08:34 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 29DE 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=RjgzLqU0huJi0zbU0BjZueKU4Qfz9WrKXkfgVXIN-gziLaINIZclKumOjZgWSCdZEN-oV-5SM03Ni7DwqrBeSUWKm3GWuY235xGvT5Yog5cz8meAwfPU15G3fMmCWIuDmBUPLLDa4diYIonC59a_ddkwpjVMiLg-5z8g5kTKtuw43UISZSS2rFvB-hYg4iMbOfd-Sce1wmJW5AK-noNANL9Dbdr5hcziOcvyC0DonzzRzVcX-D9RaRuvRVvTe5a591KYhJaFcWtsP7LIrnbSYfa8QpG01Q8cRBZkZiaeubBUgI1VHnrPTsN6eMOiamqzUhFEg2u7IxXvb0fAwknW8XsMEvMgFnYtwAFXZpDutfwiN5nKBszNSqtwwTO2S6-_nOrfue6OWr0gl6FpELGLf7gssZ_0laBTalvHNIVk_VRvoSNE
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2900178
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.as.criteo.net/ Frame D401 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=O0yXankzEDP4Q5mLPwuh0NhCi6O8oOCFQrTZJniPV_8IydKuJVjXDf4ybyNtk6diAxV2ZzPqYfe1Wxm8RWCxA2FGYea-6hjPO02dyYrgQHSmFVN2Gw7S9LfEGsEJU-F6amT1s1rN3fUaNyRGLEVIj7VoiX-lECXkhBcgk957Ww0xNZKIAZF8wiIAQPcWTpoFQNYdENfvuQWj6qldvMtNAvsvDKt5FJfPZyYVu_fjU79mV6DFPtLOOeVdclt_PgFoLPoT7Q_WwFAufjlI&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D401 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D401 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 29DE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
927199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tooqkRGsfFIA%2BGiK8kbvIJ10ZRT8Id70NQRxf5IU8QxSkkdADXMv7PRLqGNeKUn8JtliwyPTUBJxFxIkV%2FfSB0PQs15uwfJwVr7LcZ2j%2BFAoiWxKDKCMjgW%2FfAvd9arkJ8AEXshg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
762301d03efca82b-SYD
expires
Fri, 20 Oct 2023 09:08:33 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FDCC 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c99db983f19714dd171b9f00a8cb46537142bc202716238733332f2212e94a30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40202
x-xss-protection
0
server
cafe
etag
7749610250261114995
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:08:33 GMT
animejs.js
static.criteo.net/animejs/ Frame 29DE 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
img
pix.as.criteo.net/img/ Frame 29DE 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=496&m=0&partner=98328&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F98328%2F220804%2F7ba2d22d6eed4b5d84faf95670d20a8d_bubba_bump_logo.png&v=3&w=196&s=Lo1OcvewRQlZDW4yDQm8Kdma
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
40b3d3fb7ba26b8d384cfe8f0749311d6ce7cd9c0e3dced7cca33966a963d126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28922450
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16309
expires
Sat, 30 Sep 2023 03:09:24 GMT
img
pix.as.criteo.net/img/ Frame 29DE 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2FPhoto_5-8-21_2_04_06_pm.jpg%3Fv%3D1644923407&v=3&w=400&s=8p9MFY9ii8F2LDUuU_tWjd1C&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c9cb17ca4fbfd88bfb56bf96fef42c80e02a43beba78908fa027bae6fa7f903b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28706819
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27034
expires
Wed, 27 Sep 2023 15:15:33 GMT
img
pix.as.criteo.net/img/ Frame 29DE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2F121A0792-2.jpg%3Fv%3D1655252469&v=3&w=400&s=C9gMB8q4Klo5Z1GLrk-0ugrk&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
17511bad9e9a09c95561ec288f9624777fd314e726d1957f45b2ea4870414d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30094119
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6342
expires
Fri, 13 Oct 2023 16:37:13 GMT
img
pix.as.criteo.net/img/ Frame 29DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2F121A0833_websize.jpg%3Fv%3D1656414625&v=3&w=400&s=2FmEIIGqg5GXQH-VBjCdKCUV&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9fec289372e6d2ae1d0c0cea24a79ddbe14155c69d736ff01f0ac90419f6426f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29406995
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1888
expires
Thu, 05 Oct 2023 17:45:10 GMT
img
pix.as.criteo.net/img/ Frame 29DE 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2Fimagejpg_77b92e10-054c-4d6f-bfdc-351f95fda0b3.jpg%3Fv%3D1619510634&v=3&w=400&s=GuXozFsCSRzH4loDtT66jQ5H&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4c54a7167d8f46db25633861195e63418e352c2901317be7c962edb16325f67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29448637
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17404
expires
Fri, 06 Oct 2023 05:19:12 GMT
all
csm.as.criteo.net/ Frame 29DE 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=x9oyvnkzEDP4Q5mL6gJ2chtZTpDbjRWdk4GqKykyKG2PeFK0t5TPKAeQRuXlSp51V29GLqksn5LQh6TXRSgXLH41zgxL-hfKeCAElgg_Bu4YinhX78BN2-cEZ75ZmRdET7goYfN98J84Pn2MDPQRrDvqsxCvpWqkB44CEGtJlEO8RrDQ1U9x_vED-ZaTibh1yZzoRxdSZxJRhdozT2Xs9rKBttC5q9d19TsILRddKOgLWepX4_GxZw5b74Aem3jRRn8Vc17EEHAFGU6f&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 29DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 29DE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGZm4KfXqOAAYdkNmhXcGdSTqm7Bw-6g&u=%7C5UOhnxKBRGdhweOgKHmdAiA%2FUe8xtugw6wUZhKksJcA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5a7VCjwOOstd79x24phTIngNtDgIDiTkvPC31VYh-uLXG40BwiPTHFt1_3PhSLBkQ_vEsZ8dlbvr9bl4sVmbiD6pb7Z0b92dJhnU2mFI-WOvbPnjZqv75JWa_lVw2k1XWXIuCxu5B2VH46RMQeBwPGvXOJ5zfFNpIygHx1h7wph0Fx-aWRQ_A0n5LMnZCtcG5K3g-J7FqJ_eQ7wsda2PQduqnOwfTg6kupg45Eq4jhOI63s9xYDS9i25n3O0-qEzPKPkk30BIQgXdqYQswOTMPsmqkUrLRnTaZ753fQMbMGe8MKzyfyWCJPTT7_JpJnBCinyU7u4Set59nWy-q7QE5FuSXeHWhUiW-Lx5C8u3dComFbTpmOx2htbQpUQjkhB51zTTetR_ZfEO-3u6b_QzWSiDzI53tcfBafNOeu1kz-RcikJ3Jh1Vp_42A3G9zB47-OlFDHbuIVHJGXtWaTHNMLLOez1WIAyNKt9-Dt4fPQlbmwXgGlg0b-axmnToGhTpCqRHTRjAQo6Wt1qEgApQ77jmVivAVfpDwK0kyrItWOqyOBwZbon3UNFSVWAH8pMeCkZNM351uruttQ4Sq1q2afo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ32iED9eY-7MGY719QOQu5iwD5j80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnuZr9jlgqU-qAMBqgSUAk_Qw2QUuvZDX56CxtCZXUNSi7jL7JFg2_hNjD7o6-f2OpKYhXPzCi46q7j6Qhe3NjbsWuuQCmi9Pjlhk0sCD_CaT3Ml1_jrn-xQNTXtkoNKnwaz5Z9Q16I-TRNpa8mVMxY68rOCVjHa-OJcW0Amb0ssItSjLBcQZf8QQ9fgXdAbBnPwyNHi4CUXwWfzUpLOzGnZlS_GyyZThGEJO9ibv0w52-tBMw7CW-rjgKTp6zSu8Qf46oya_SbLadivpfd3vejdaJRPGwlz_sOXlYatJZ_hQ1QF_8m-7H9YJozdQIV4dWwNWxX3KXFU2mEzLGDVeyWdVmI7qXtpKsqXufJIKPBeUX5LNm9YmMbms7r7bK776CEhrIAGqP7myM36wYOJAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ggvtM2_MyR01XZ861iCubL1gSFQ%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:34 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/ Frame FDCC 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_fy2021.js?bust=31070607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
7bc473215d8cce8f525c5753cf5bb139b449d01ce0c2d34f9dc5b72029cfe6bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119025
x-xss-protection
0
server
cafe
etag
15694111593346430408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:08:34 GMT
css
fonts.googleapis.com/ Frame 29DE 		1 KB
913 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
e58bb65e5ce1a00715d3571d44cf9040e3f2cc2bc2f6eae3e2caa25607fb0d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 09:08:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Oct 2022 09:08:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F020 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7278 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:34 GMT
integrator.js
adservice.google.com.au/adsid/ Frame FDCC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_fy2021.js?bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FDCC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_fy2021.js?bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C9C0 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_fy2021.js?bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
c56bf25f4a67f4343fa5f163ff65ad7121c606a05c13963f41aaf18e471cddb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
15952
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		103 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=408948118885278&correlator=3498124115858316&eid=31070233%2C21065724&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D5aebbfd76497f41e-220ea50a98d700ee%3AT%3D1667120912%3ART%3D1667120912%3AS%3DALNI_MZTySc18sr65JxuIQKed_1eyauw7w&gpic=UID%3D00000b7177050aff%3AT%3D1667120912%3ART%3D1667120912%3AS%3DALNI_MY_rQrqrHzB1m4WWX4bVH4vNPbluw&arp=1&abxe=1&dt=1667120914398&lmt=1667120914&dlt=1667120908745&idt=3679&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=109556288.1667120914&ga_sid=1667120914&ga_hid=2997&ga_fc=false&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
afca1da23761ca1a098b4e7aed2270c09825dc466e174bf9b048b21f9e1ecc6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21452
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C626 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:34 GMT
expires
Mon, 30 Oct 2023 09:08:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaq0&_p=2997&cid=109556288.1667120914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667120914&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&dt=HOT%E3%83%BBStuff%EF%BC%8F%E6%AD%90%E9%99%BD%E5%A7%8A%E5%A6%B9%E8%8A%B1%E5%90%8C%E6%A1%86%EF%BC%81%E5%A6%AE%E5%A6%AE%E6%AF%94%E5%A8%9C%E5%A8%9C%E6%99%82%E9%AB%A6%E3%80%80%E6%90%B6%E5%88%B0SAINT%20LAURENT%E6%9C%80%E6%96%B0%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 38B7 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Oct 2022 09:19:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B2AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
186286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 05:23:48 GMT
expires
Sat, 28 Oct 2023 05:23:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 54F8 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
cb74fa4900354f69b279fe0c594ccedb4d8ec70568f7a59e04e0d5acc12b8df8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eiG81M8cg_ObQ1T3B9EM2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-eiG81M8cg_ObQ1T3B9EM2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:35 GMT
expires
Sun, 30 Oct 2022 09:08:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v23/ Frame 29DE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 01:46:09 GMT
x-content-type-options
nosniff
age
199346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21248
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:38:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 01:46:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE29 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
186286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 05:23:48 GMT
expires
Sat, 28 Oct 2023 05:23:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 101C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
1035c75a5a67d1948d8f3522704f1d1c312495d4f8a23d83f27cea00630ecd7e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gsBahhcuLGffNo3w_zAWtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-gsBahhcuLGffNo3w_zAWtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:35 GMT
expires
Sun, 30 Oct 2022 09:08:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all
csm.as.criteo.net/ Frame D401 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=O0yXankzEDP4Q5mLPwuh0NhCi6O8oOCFQrTZJniPV_8IydKuJVjXDf4ybyNtk6diAxV2ZzPqYfe1Wxm8RWCxA2FGYea-6hjPO02dyYrgQHSmFVN2Gw7S9LfEGsEJU-F6amT1s1rN3fUaNyRGLEVIj7VoiX-lECXkhBcgk957Ww0xNZKIAZF8wiIAQPcWTpoFQNYdENfvuQWj6qldvMtNAvsvDKt5FJfPZyYVu_fjU79mV6DFPtLOOeVdclt_PgFoLPoT7Q_WwFAufjlI&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Oct 2022 09:08:33 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C3D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_ruM1y-90yZRGHgB1jwzIlX0aw-7R0BSOrRcoTdCV8iWNYbQvTq64W5ZBO5uzuGFtyekKuCZ9g9ikEk6QFAYFOZgu&sig=Cg0ArKJSzEfV-bnmNCauEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667120912824&rpt=919&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 Oct 2022 09:08:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A362 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_5ylEj9eY62XGs2c1AbsnJ_wAazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBK4BT9D_oqDqgHqYXUiVYTr31tiuUSakNjUn_4eHEHl-eu1zAxjvgIkku_KWQOIvJYwuqY8OWtImWy-i8YVKPOrYi3auo_8NoUzJDvXsrkLwrh4E0WJjVbPxivMk1fw8qgx2QH9CPShZTLyToV52tC67tjUp3rm_Lsf1xjXhXGNTyBLe3JllvF4Ms11ppvkGGLly8_vR5lmA82dswRVVaVacJIJuOmCPJGFVSANjilVPgAbDxd-byq3NmOkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=edoLrXraGlE&uach_m=[UACH]&cid=CAQSKQDq26N90xpYB98i6Ht3dujoTre3fvmQqHIcpHGH1SLUx4uOzakRqKa0GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Oct 2022 09:08:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame A362 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=2.3584982E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=63d3150376fa464eb0f690e7c6c341e8&dtc=apac_sg&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-6fbf967d5-7542p.SG&ogbdp=0.02&prvReqId=40673829933506_1433571963_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&commit_id=b090f8cc&scrid=1700080812610100250025000000500&mang=1&bidrestime=1667120914530&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:35 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 30 Oct 2022 09:08:35 GMT
log
qsearch-a.akamaihd.net/ Frame A362 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=0.0&adtyp=0&req_id=Y14_EgAHVasK1Qg73wQG9g&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&deal_id=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1667120914530&cc=AU&strg=no_strategy&ss=&current_hour=8&time_stamp=2022-10-30+09%3A08%3A34&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=63d3150376fa464eb0f690e7c6c341e8&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.15.0&totalTimeBucket=3&visibility=2&totalTime=3018951&dmm_m1=2022-10-30+09%3A08%3A34.532406728&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-6fbf967d5-7542p.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:35 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 30 Oct 2022 09:08:35 GMT
nmedianet.js
contextual.media.net/ Frame A362 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8743e9e734f4f887873a92582318c63b455686683b7e5a6715a0396b916d2550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
22-8wt1
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 30 Oct 2022 09:08:35 GMT
server
Apache
etag
"ac877b6422653e37446cbabd9d0d8906"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-20
timing-allow-origin
*
expires
Sun, 30 Oct 2022 09:13:35 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame A362 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 30 Oct 2022 09:08:35 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=22266
access-control-allow-credentials
true
content-length
62892
expires
Sun, 30 Oct 2022 15:19:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A362 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A362 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
l
www.google.com/ads/measurement/ Frame A362 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSY83K4tSgYXmcd8zN7EvD4wVK7d9QlbgHuXNxzYwSFRp1RwUb9Us4mcKNkloxikIn1SLKaI_30SGKouE2lrhdhZZcAwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A362 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:36 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame B2AF 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 01:30:19 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame EE29 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 01:30:19 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame 08C2 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 08:00:57 GMT
age
176858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 08:00:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08C2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 02:41:27 GMT
age
282428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 02:41:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08C2 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 04:44:40 GMT
age
275035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 04:44:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08C2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 02:41:18 GMT
age
282437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 02:41:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08C2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 08:01:11 GMT
age
176844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 08:01:11 GMT
truncated
/ Frame 08C2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ead8480cc07a7ab8bffc52dbfd3ea8c825d5b451d29f0eac8e4d2dd4a8b90ae6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4450058903144158205
tpc.googlesyndication.com/simgad/ Frame 08C2 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4450058903144158205?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnmdMjuwgi-perSW5SG35y0behlyg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
9840d62850a5552523b8bd69c104fc0c39f2a99b4de9a56f96a89c73120f6c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 06:30:13 GMT
x-content-type-options
nosniff
age
182302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26095
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 03:05:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 06:30:13 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 08C2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 11:43:27 GMT
x-content-type-options
nosniff
server
cafe
age
77108
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sun, 30 Oct 2022 11:43:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 08C2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 20:28:03 GMT
x-content-type-options
nosniff
server
cafe
age
45632
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 30 Oct 2022 20:28:03 GMT
l
www.google.com/ads/measurement/ Frame 08C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQg-a_DiVQIUV92lWzdlQ40XGLRIUIqVcst-vTS-Tneck6qhZwW89uFHJQrfNkWWs96piT9xDdsVI0dqe524XbcJ6yLBg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=7966.300000190735&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTVmOWYwNTJiLTM1ZjYtNDY1YS1hOTBhLTAwZDQ4MGMwNTkzMiIsImNvdW50cnkiOiJBVSIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2NzEyMDkxNTIzOX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 30 Oct 2022 09:08:35 GMT
Server
nginx/1.18.0 (Ubuntu)
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame 71CA 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 08:00:57 GMT
age
176858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 08:00:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 71CA 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 02:41:27 GMT
age
282428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 02:41:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 71CA 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 04:44:40 GMT
age
275035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 04:44:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 71CA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 02:41:18 GMT
age
282437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 27 Oct 2023 02:41:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 71CA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 08:01:11 GMT
age
176844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 08:01:11 GMT
css
fonts.googleapis.com/ Frame 71CA 		7 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
d37b6441dc4049f8fe981972f64903aa46280708aa7f2c4465b447df78459f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 09:08:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Oct 2022 09:08:35 GMT
css
fonts.googleapis.com/ Frame 71CA 		4 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 08:32:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Oct 2022 09:08:35 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 71CA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 11:43:27 GMT
x-content-type-options
nosniff
server
cafe
age
77108
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sun, 30 Oct 2022 11:43:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 71CA 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 20:28:03 GMT
x-content-type-options
nosniff
server
cafe
age
45632
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 30 Oct 2022 20:28:03 GMT
container.html
22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8857 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:34 GMT
expires
Mon, 30 Oct 2023 09:08:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/12491477890756638244/ Frame 71CA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12491477890756638244/downsize_200k_v1?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIXBAwGAEgAS0AAAA_MFw4MEUAAIA_&rs=AOga4qlWGOtp-rARgRyzLYCMLZu3AYqSnA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
d5c9206498167ae367183280cca00fded1c302326686b204c2abeada05d88e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 00:03:27 GMT
x-content-type-options
nosniff
age
32708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3745
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 17:00:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 30 Oct 2023 00:03:27 GMT
l
www.google.com/ads/measurement/ Frame 71CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXQ8Kf-rUMLOGXsrrFHyaWy4XT6f_y9nmpKfk4z_zZ5cnA0HfcSthAit9o0BqdLL2kMZDKJ9VjAwPqsQPyhnqTclCMww
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=8019&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTVmOWYwNTJiLTM1ZjYtNDY1YS1hOTBhLTAwZDQ4MGMwNTkzMiIsImNvdW50cnkiOiJBVSIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2NzEyMDkxNTI5Mn0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 30 Oct 2022 09:08:35 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=8019.60000038147&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS01ZjlmMDUyYi0zNWY2LTQ2NWEtYTkwYS0wMGQ0ODBjMDU5MzIiLCJjb3VudHJ5IjoiQVUiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2NjcxMjA5MTUyOTJ9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 30 Oct 2022 09:08:35 GMT
Server
nginx/1.18.0 (Ubuntu)
truncated
/ Frame 71CA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e75207a4e6024551c2a00928d405b67991b3b828f416b707f19f4d993b791fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 Oct 2022 09:08:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 101C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102701&jk=1176044551974095&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 54F8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102501&jk=3844432172891495&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B2AF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dtbcpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame EE29 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YojS4A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
p1.jpg
static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/ Frame 38B7 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/p1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EAAGhAkKj3USAAlUhNcRyosbXMgFEjbQPQ&u=%7C5UOhnxKBRGf6NDdgvb5CgAmOdKPAD2kh33CLmgrruVM%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUOXjlaDYi-4CawthpUXYjVPTXLvrDANR4lOtVq5zsFmWePlpEtZpg927pwVqgiCqcB5rONGgilsWQuLkiuuMAbYgJ8CIv7hhch0p4TWIUcEyVUUajvfivIGJeMHJcskFUJh_mZju3tDh238leR8iW8kKhnSM4AdAUqhYV-z7YmfvcjLCPFuo1uLa5uEHQ-RAmxjAkUZTyv61mzyTcImmGVyWItz4LbM5xClnkBf2hvrY4zCdaem3MUTBGOpJWsKMn96RRMwGNjVGVDmhcxZN_EDkW8hS971XzbhmmlNLTPjKk0Ms976vV4q3UDK4KZzag1m0EzY3dJ92W08RfqN3KJUsV9u5bHJZEkEHTDH_uFtAJqhDSnJ3CbH1YdFlGSWC_RjdZducmA6X9fi4o5UHsnAOBW17lQYPlfv39er9jcwVrFkCuQthurcQ6UYuLyppZh8BObU89ls9yOluZ6ekGbnRakeu8w1KRDyqSSHXQ2cQ9HNv7QXvV5YN5Nab3pe4pLb8fVl1aF4UN07q4lTLnTMYc0WGEh0x-j0V1n_YAkSGHrlCiol7PSSxbe191Nfrag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbv-TED9eY4mIGpLqvQSEqaWQB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnuZr9jlgqU-qAMBqgSOAk_QVekwMCu5sK7MEUC8TYpN23sUNlCmtVEv_VnwIoYYrZQSnRep8FMdcIpGdd4jLVEcWym7wRR5KB0TWja1jQbx53TQZbVA6-N2ooLbnHoYn9WoxJ8YWn30FMpF0sPZRPdXpaWQvn35VZ91kzE0J_Ro5Yl7FM_6J_EWBzFBAjIF2n-MXfOQfWc6szggp5YCBpPvq6ZG6wMqFZ_r1FdDPoK6NdzHOh3QSUmre2bitJjTsqGYH1VALODQu_77h4W6e27Z7N3LD4PCSlZaJU0atM1ilCjyViivcFWMIT9QYKV1nDrqogptIMMSdthe8cetjTmLICzE-GhZJhd8R9trIWnBGOkiz6pZSPejaLvC2YAGzoC16PSxwKfBAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3f1FuAGL5DnzmHM8eDSM_xKyT1Cw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2fdcc086c66d6d46161cc9e2566e3f5d9e33e2abb9c07126383d50931b4751fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/95385/20220922_fy22q4_nonpro_savvycomms/yoga/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Sep 2022 04:58:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632beb8e-14222"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
82466
expires
Wed, 25 Oct 2023 09:08:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 71CA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 09:46:43 GMT
x-content-type-options
nosniff
age
256913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 09:46:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 71CA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 19:42:58 GMT
x-content-type-options
nosniff
age
48338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 19:42:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 08C2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Oct 2022 09:08:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
delayed_impression_vu_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/impression/ Frame 8857 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
418175d0a5ca6d9e5ec104c3fe3c47f7587cc23cc7bf0c99468c79f9d9881000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 08:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
4006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
14936804246218487703
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Nov 2022 08:01:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 8857 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 8857 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 18:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 18:26:32 GMT
l
www.google.com/ads/measurement/ Frame 8857 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuUeXuOSXb2qxwCcZE1NI7WBrHluzsl3QxcYVoAp9yU44qchH3jl1TYdu578k_RJ_zjSS8Dhlobuy8Q_RwI0YECHT7BA
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8857 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 09:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Oct 2023 09:36:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8857 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:36 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 08C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgbHNEj9eY97OIenBmsMPwM2qiA2-nurvbNeopKrCEKvhwtmlMhABILqEwDNgpYCAgJABoAHNhZPzAsgBAuACAKgDAcgDCKoEuQJP0OPapeYRjAHfohQ54ZTgE_IS4ptC90n81m-J2jqMzUCACcZeXHN3p7O6tFZyxt4-kisYY5vpBn9sQGswgLFCptMwXCCB5voDaXCBlnl88QuCx5mgilV-tj5Opki4zuUx49gN3GTP1XEn_S6g5R3r9OzPSFu0prsMXxtTHgk3LUPgUsHJrmTxgTBW-ZGDzyTPd8vy7YQL9MMqXit_kll1UbpscYGQZIfEQx25p7Y02nGx9AVTSrGzokKxOiPEfrzsBI787njcPE3rjlBbjiRsomgw9cAr4JWZ_aXWoMBDRfk9a4J2WjojlkSvwTq-nPJpMaHNQZOk9X3iU6Lus4GrwAM41UXo0Y6mU_7AUF9sdtdnTyDNA1GJDkcpGB_YSsxaWdwUgmmqdFAwqHPgYR04gEF8imXoe4SgwATPvPLmlQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHxaKsmQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDv6gTSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=FpHYkHGV5zk&uach_m=[]&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 71CA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Oct 2022 09:08:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F020 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102501&jk=3844432172891495&bg=!Tk2lTQnNAAZPh4lnb4c7ACkAdvg8Wn71pS4fvFY9wQ-y0iA1eoeInRHwB4wHh4XYKWhUuHmLbpzaiAIAAAClUgAAAAJoAQcKABHw4q0yDgi4LyHKlFZsac3dUJkCr5TcPhENnJ3D5RYwYHfvawJgp6FUp3D0DljFnwKuR3Cb-PgYmCMyIBOQKiUyRow9yPHdcfDvjsbpsWitwyrMOTCBLrwqSont6BqqB3qDmorKG2td2FfejEpoviXSsdroQKG6d1UeI4ECRIeSFbHScjS2O_OZx8jqD94ff9C8RoQ_IbJqFO45wdAzk84p7GKeTwpBs7IYzHIY6C6wEyvR58qCnkAa_XJ3ZAmiER1igoHEXeRsftD4y3xsiBwKr7GmpsC4GmfTEhIIdBSOJEEEuIj8_6ZoUb6fmHcGtbqNLwNXJ91XdcQHdk3vSVNEzDDOnUtmglp84thlL9ugIPkcZyBb_IBSMJyIhxVDSUxpafsvaoXsw7cequqMl183kxpeILZpyv1pMPsMpWtMnu8BBYwfsBQN4lh_uufVlag9TLtdr438LZHdEpyu1OMqukxTydKaOuF_Jmqsg0flWaXAU8K5DOvUNhoP_6Qgshhz6BuS1ddeQWkE3WDKXOs5uPMa6OV3CluifGunUw9F8aIO7elDdBTxi3pIbuW3Og38O2O-jLd4eCHfezXMjoChedrZ8TYZ2ck8-y9xrEPkg055jae6MdCNFyQDpfH2vNAcixMGv7E2K0ZhRgzPbXuQ8ap3efi_CUJLbdrOEmzBnfuKNJelp1NfoKt1QQd1wenLVzObwoq8qvYuMDXZHDTuGaoWCWlVjfP2bptmR09BvHRlnuKRHRldiznXQZvy1jO4IlC0WClpMRgrhGSclDz4yU5_n07_Chq6aljk8_55mCauMJKecerSnu4BuCjbanxk9lHoC6Q0DCjFxSfDmHDcyl5dR4BuS40qp9TUG2HBH2UasUxbt6bGDD3d5T4wf8PtAsodSXdLtFHK2lODtGAmPLGS90oVjD1P5UtvNyaMFJY2fQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7278 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102701&jk=1176044551974095&bg=!Pj2lPXnNAAZPh4lnb4c7ACkAdvg8Wh0RtM9JqcaGVOrr4l93_07n0f1KM5AwjKHJZxUWzK-QCvBj2AIAAACfUgAAAAJoAQcKAEDz4K_cRwH85rPdqwB_YTimWOBE3lCKNgRJg4qaiIWr-m6hzWlNeK1rDTRpI_MS2YewCRePUlwL-UhqwaKX05FcmQKx6boKti7ktaxPnV82Uq6YwYlABR-9iSdo8xtXd09fatM06XvH11ssprBsiwI9frCIaXslVkrLLY8tQA8VvwfATBLj7Xtt-HpqA0sOqa4huHPzaXYsk-XdzRKxqf5Rc8AG48XUs1MhU9lBCDftjSGS_d4X_9fi-ud4HPcLxuYNDnHcKrsU6JWvcLoAx0-E-YNOsnd5TC0W4sDBKz7ERilJO0T8j7LElQD-GIJvNjn0GFpFuWoL2P_oKkgsRLE9CYmu3i1z1whiQg7Zg7NXe6PAZjOGzL3-P2i3ZNOAxcDWQRvoOOgkIUt4pKdC8vOSkM2ojYT8CWD80HE4XLXhjIXfA59DAN7jI5qCu1fEVifpL86NV51TTF1rFXjcPbluNvj_WOJg-w83PdkGSKgVaUt7w66epuxSg3ZjDUE1PfyddUJOoypT0ZYUSaIoL-5RRs2VXAzQPyBLi575Ym3pCfphilJZ66hoI99WWkDT9-7MylNl8v4gLMmQhnaff6Z-sA7XGQnGEuGxuPOfkQd5sSDXSW_Zq_S4ywP_xxieFYM1Y-uW2gwO8jhO7E4Wm8zUTkJ9wjxqlmpO8m3IRxZrU7KHOU7R9fCZCA08AJe4HS2m7Zqf6sf6yLpQj86yOcoXIdPekllkIIFh6tvvHLpBX-2t78ykxk9PWbYusW5DLSK0brz5aMNa_g5YZ1aTpQOp36tocVCQy_1OcoXYHm7JFBRyTpYXbRqbbQORZe2jkQYBJzPxT3A8erXXH1zvdJRo-TewuDqdAnR3jb_i4sOrT36L9D5tSbpSIgg8x1QPd5eOdVC72oVfviQbWyY0eAqQpQmP41O7ABT-vrUOHfJ6LYeGOhZ-yM5PlYrZuXg3ZKr5wtlUQyexu6C9DH-UD5Wb6jtHzpvKmVm7f0CCitzE7lLXMkw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 71CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCEBSEj9eY9_OIenBmsMPwM2qiA2WspSCbbPCqumqEIO2sp2SGxABILqEwDNgpYCAgJABoAG63Y32AsgBBuACAKgDAcgDCqoEuwJP0FAiITDPrrzdIUZfl9dT9dOi-U0MBuvbCQwomJePYCij2ryDLB1ecJssOfusHGdnuGdQFS1p3Fnqbe10uJ-jQ3d3I0SEwWWLOGH3BfcgHSg0Y8Xsmhn873pYxaTX1NsFwlHLwAjzHO0BAVDifMc02MCb8zKpe4U9nQ5LWFLZDaiSwcUsYQ1upnNw_cYO57hu_giAvEnPMe4WBsNZMLzdiO06EYxRwW0kJ8Ob1wrnd-0AJxlIZ5Z9L3KXreGFQcmxMRuM6JY5VyK8bI8ICDW8tgi_o2_-BtJzszYjMxIlneJ82Djd52IaOIft8VM8nCs3tFSAl_i81C_uN5QPNYBIOis15d2PQg0c9aHvYPmGIvj4Fu4Gdioc7RxomTmBnq6VoHB_IPds9dLagwpYxeOoM4pcNdsDKMiTVaHABOHbmIyLBOAEAaAGN4AHrqLyiQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCgkALSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=fMfBYm0hiGk&uach_m=[]&template_id=492&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
afr.php
ads.as.criteo.com/delivery/r/ Frame A7FB 		178 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3f6fac5cb13db69d864d73fadb48ef85f7fb626334d8810b1fc171ecf203610b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:35 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=uWtXPnkzEDP4Q5mL8lqKUsMDdGyECC_hcTEopZgMi7L9Ia0T29hxncswlhWw5lX_gn9BCom1MVOGiKCby9tFPpgL661DO2f1NUIYX8YbZpZpOGi-6I59rAp-BNHMJgb0hDyU958iSdAAmU5Np4pEyErtsmnRw2k2Yo7ibjycNkQuePWr0TPXmBCtBoLJHZKOpJm1cT6nOSH8URbybWfVkPM9tQP0aB_FR_besW3o1fi9UFbZRfHzRhp6vI514AMyBudXwu_KW1OzSlwN"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
114554532
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7DE6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
26482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 01:47:14 GMT
etag
48472445140208031
expires
Mon, 31 Oct 2022 01:47:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8857 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6225677bca4055836010f25827a7361b6aaf0cd443fac3032a6b67418e8b0b47

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7DE6
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEAx4srbSGhNM7sV3W_u8DW4&google_cver=1&google_push=AZmPxg891P95oKSgZlY5ChMxipZoXftSjyTmKAvqRXR8uBvdubVHDrwI-3UHGU6CgDD33cthDxTvpOkGxM...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg891P95oKSgZlY5ChMxipZoXftSjyTmKAvqRXR8uBvdubVHDrwI-3UHGU6CgDD33cthDxTvpOkGxM03B5hoDpOX8LH-Btckq5qQf4m_JyvxXqg9fcWwLk9A-mMuHH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg891P95oKSgZlY5ChMxipZoXftSjyTmKAvqRXR8uBvdubVHDrwI-3UHGU6CgDD33cthDxTvpOkGxM03B5hoDpOX8LH-Btckq5qQf4m_JyvxXqg9fcWwLk9A-mMuHHoCYTpJ9tMpaL7sqDUTd03oLnY&google_hm=NUtHeHJKWnNGMTNSTV9UNUxPMzF6NlZCWjg4&from_google=pc1
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:36 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg891P95oKSgZlY5ChMxipZoXftSjyTmKAvqRXR8uBvdubVHDrwI-3UHGU6CgDD33cthDxTvpOkGxM03B5hoDpOX8LH-Btckq5qQf4m_JyvxXqg9fcWwLk9A-mMuHHoCYTpJ9tMpaL7sqDUTd03oLnY&google_hm=NUtHeHJKWnNGMTNSTV9UNUxPMzF6NlZCWjg4&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 7DE6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKOn5Jx43gwAy91l9vnnSqY&google_cver=1&google_push=AZmPxg-lp9tqy6p20GynvSYvSe3VZwsPv1OxGGbaLO81fFAuEEumhjsK5sSKvM0KK2Vny01D2gfofH5dUT6DI5i8Ipln1ty...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-lp9tqy6p20GynvSYvSe3VZwsPv1OxGGbaLO81fFAuEEumhjsK5sSKvM0KK2Vny01D2gfofH5dUT6DI5i8Ipln1ty-NXgb9E-diWaVL719yNImfSmrvaicM36I6oFQD...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-lp9tqy6p20GynvSYvSe3VZwsPv1OxGGbaLO81fFAuEEumhjsK5sSKvM0KK2Vny01D2gfofH5dUT6DI5i8Ipln1ty-NXgb9E-diWaVL719yNImfSmrvaicM36I6oFQDnfrhGN0xOWu2Q43sFaH0cE&google_hm=NjIwNjI0NTU5OTE5MDc3Mzk3Mg%3D%3D
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-lp9tqy6p20GynvSYvSe3VZwsPv1OxGGbaLO81fFAuEEumhjsK5sSKvM0KK2Vny01D2gfofH5dUT6DI5i8Ipln1ty-NXgb9E-diWaVL719yNImfSmrvaicM36I6oFQDnfrhGN0xOWu2Q43sFaH0cE&google_hm=NjIwNjI0NTU5OTE5MDc3Mzk3Mg%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKb4X6MIWb9CjsmA9ZUkx_E&google_cver=1&google_push=AZmPxg_pML_-6muwl16fXg4kuE8T6MDftHUPxEtPxlIhnaRh--j-iV1ROmLMshUfHd6YmgcX5s4...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==&google_push=AZmPxg_pML_-6muwl16fXg4kuE8T6MDftHUPxEtPxlIhnaRh--j-iV1ROmLMshUfHd6YmgcX5s4zASwRDa_KiuywmXBNwtSVWaVKD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==&google_push=AZmPxg_pML_-6muwl16fXg4kuE8T6MDftHUPxEtPxlIhnaRh--j-iV1ROmLMshUfHd6YmgcX5s4zASwRDa_KiuywmXBNwtSVWaVKDfGneW3LtL_Eh3hvovG4_SLbeYTbbzpbRRv0qWr7u5a3cu5tqlKyB-E
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==&google_push=AZmPxg_pML_-6muwl16fXg4kuE8T6MDftHUPxEtPxlIhnaRh--j-iV1ROmLMshUfHd6YmgcX5s4zASwRDa_KiuywmXBNwtSVWaVKDfGneW3LtL_Eh3hvovG4_SLbeYTbbzpbRRv0qWr7u5a3cu5tqlKyB-E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7DE6
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMaK0IHdYsvvZLrE7AjYtkU&google_cver=1&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxK...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1ODY3NDAzMjY4Njc3NDk3ODM0Nw%3D%3D&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlF...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1ODY3NDAzMjY4Njc3NDk3ODM0Nw%3D%3D&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxKkBo0Slmr6VY3M0S7-1Q9M8UUU1LQY3odquqFLGIiXj_Is7b5J4DRUvoPs
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1ODY3NDAzMjY4Njc3NDk3ODM0Nw%3D%3D&google_push=AZmPxg9TB12o4ARyQNeYL_FFFvMCpx7mw3SniZu-TIJLusEoX_tw1WlFXd5QfXyYamq7u7zsn08YSR729cAhKYe9H1NU4IFcxKkBo0Slmr6VY3M0S7-1Q9M8UUU1LQY3odquqFLGIiXj_Is7b5J4DRUvoPs
date
Sun, 30 Oct 2022 09:08:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 7DE6
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESENt_Cu3i9_CWP5OUbvNVZBc&google_cver=1&google_push=AZmPxg-kvbScvBWkwdgVPe-eQAhZaNk_Eilcbz3Iy61LCZve5XYbFiBHBbkMgiY6Lo76f0FKp1WgiMNg1cCGZScLzJtuwR6Gz...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&mn_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-kvbScvBWkwdgVPe-eQAhZaNk...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&mn_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-kvbScvBWkwdgVPe-eQAhZaNk_Eilcbz3Iy61LCZve5XYbFiBHBbkMgiY6Lo76f0FKp1WgiMNg1cCGZScLzJtuwR6GztggBzNvTwMe0j4pDp4q04cM3uVMMwTbSM0WU4DgyGNzDwgPbln-dCrN-VE&gdpr=&gdpr_consent=
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&mn_hm=MzEwMTIyNTE2NjgyNjc3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-kvbScvBWkwdgVPe-eQAhZaNk_Eilcbz3Iy61LCZve5XYbFiBHBbkMgiY6Lo76f0FKp1WgiMNg1cCGZScLzJtuwR6GztggBzNvTwMe0j4pDp4q04cM3uVMMwTbSM0WU4DgyGNzDwgPbln-dCrN-VE&gdpr=&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 30 Oct 2022 09:08:36 GMT
pixel
cm.g.doubleclick.net/ Frame 7DE6
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEE429EU6ew6ccTNHeqx0tsk&google_cver=1&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20G...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEE429EU6ew6ccTNHeqx0tsk&google_cver=1&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20G...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20GUtYVsJdf4QHbiD4lhmpgENNcJ7AsDL1vl7ZAv9ik4nAMwlm4HT9JcMcTsRa7Jq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20GUtYVsJdf4QHbiD4lhmpgENNcJ7AsDL1vl7ZAv9ik4nAMwlm4HT9JcMcTsRa7JqxY33UnUNswiICYekzh3sFJFWuqhlRN&google_hm=MmhlSUZyT3hjR08=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:37 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg-PkS-ZJPE4M-VTK8CumijGnxEOVn0VjeB0Q7UJwlI1M-LpYpdhO-foa20GUtYVsJdf4QHbiD4lhmpgENNcJ7AsDL1vl7ZAv9ik4nAMwlm4HT9JcMcTsRa7JqxY33UnUNswiICYekzh3sFJFWuqhlRN&google_hm=MmhlSUZyT3hjR08=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
gob
sync.inmobi.com/ Frame 7DE6 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 7DE6 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGeMbgK48Urikf4p6o76ERi3HiTwOt1u4oFTBEvX7u8qJ6BtKth4KhUsWRX0GHpdUFP32q8Aw
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
smtr
contextual.media.net/ Frame A362 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1667120915372230180&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B44xBgBzBN&bcpf=B448fOnRrolnfOur8xBgBzBN&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0770839569t202210300908&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1ea4a44797127031d35992339df3deab05fb26b6bb79113cdec4d514d41f5ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
21-7jhp
pragma
no-cache
date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-jv4g
timing-allow-origin
*
content-length
33620
expires
Sun, 30 Oct 2022 09:08:36 GMT
bping.php
lg3.media.net/ Frame A362 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=816&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1667120915372230180&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781337&r=1667120916349&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1667120915100967088&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0770839569t202210300908&vgd_pgids=1&vgd_uspa=0&hvsid=00001667120916347029185682678286&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 30 Oct 2022 09:08:36 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=33624
content-length
15
checksync.php
contextual.media.net/ Frame 525F 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28a0f1d1319f7483825253711f3e997562dbfd9b9a6c5708f5425f45b0c899f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=80651
content-encoding
gzip
content-length
9407
content-type
text/html; charset=UTF-8
date
Sun, 30 Oct 2022 09:08:36 GMT
expires
Mon, 31 Oct 2022 07:32:47 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame A362 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4373&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Y14_EgAHVasK1Qg73wQG9g&s_city=singapore&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=2.3584982E-4&mx_TAF=3&device_id=4&ae=false&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=b090f8cc&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=30.0&adj0=0.0&tmax=300&s_ip=74.125.190.8&adj2=0.0&adj1=0.0&feedback_id=Y14_EgAHVasK1Qg73wQG9g&adtypes=0&mx_aabpc=0&reqid=Y14_EgAHVasK1Qg73wQG9g&sc=AU-NSW&sd=1&mowxReqId=63d3150376fa464eb0f690e7c6c341e8_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1667120914530&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-45-16&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=63d3150376fa464eb0f690e7c6c341e8&actltime=41&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESEGo1gOAY8CPuWJDoI77EiW0&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1667121514784&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=254&ltime=40.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=40673829933506_1433571963_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=45&apTags%3C%3E=75&mx_PC=0&wsip=mowx-istio-575b9d4948-8qqkr&currsrc_date=2022-10-28+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-30+09%3A08%3A34&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PmqsKT1d9PUdmlT7goVWAeloF_FhAiHoO97uFA-hQIzWZyVciyFK2nPe40djT3-vuYq&dmm_ogerpm=false&csip=rtb-common-istio-6fbf967d5-7542p.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D724~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022103003~iurl_b%3D80645.16~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.11~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D71%2C71~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022103005~vis_b%3D105.28~url_b%3D0.01~url_tvi%3D1475~smm_wr%3D68.1664~url_l%3D50~gcat%3D500996~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022102921~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3D6IXyyZ1D8MyjD3GO~btd%3D51970521100500827578121484125946762168591452387280611347688257675335873087121399137763328~d2p_l%3D70~3pcf%3D0.93~uim%3D0~og_msh%3D0.01~dmm_strg%3Dno_strategy~d2p_b%3D0.91~ogd2p_b%3D0.91~vurl_b%3D0.1~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D23.58~vurl_l%3D50~CI%3D2765~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D9.85~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.97~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEGo1gOAY8CPuWJDoI77EiW0%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D2.3584982E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&utime=1819&sf=0&cpr=0.2237076418566304
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 30 Oct 2022 15:08:36 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A7FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:36 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A7FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:36 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A7FB 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 25 Oct 2023 09:08:36 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A7FB 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 25 Oct 2023 09:08:36 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame A7FB 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=X0Orpkz6zhTEjTWZ3oRBbWrtD63EMf2WWZUnQmhiYttFh6PNU5R4dTh--XpBbBYkCCWwbivCbPk_DSqtLjL_O2Y71zERBI5CmJsFpykiWYsXy4KyRpI0SFZaLpAhKdqGzjsxGGxqowj-2sBGil0kujFeS3OKAd92TzbxYC-RIHffGBV-oB-Lp6eMlIUa_XI6_6kwQj83Qm4Db5aIk77WgvhIYVg1el0TYQJ6-2fpEu00WHsdluY4jQbmL_s_WIao_hBT12sTidTLFADZ1cxcO2MxnQDORLT6M379lj0KO__b5PsLelPKmqyFRNTCi_Zl3HuUy62Lxs0ijYt0thoGbFerBwMGtdWLT73oMSXGsQO-QnChiJppkBBhfmzYaKKJLMyKEeosOHwUIMaQMhCs3bzyFQltVVKMDnPbl_s2slbK55HK
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2668681
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A7FB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
113159
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l399crPZx9ojBG1RYG%2FXB%2Ff22iBYOwcOjsfVLYL6qkPV1vb3wA3lEPLuWfFQ%2FlJQIjtvFFGsRtKPRwZ8CJnksSA97zq42Ty4FiTjWAdj5pa6atboWLNmw2H8Cgg%2FGcHRUnCoxLNa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
762301e09867aae3-SYD
expires
Fri, 20 Oct 2023 09:08:36 GMT
animejs.js
static.criteo.net/animejs/ Frame A7FB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:36 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F26298%2F200415%2F1cdb00843d7946d5b3fe885bd23060d5_logo-%282%29-black.png&v=3&w=236&s=UWcxyvK_ZFRR4tTTt5yMmnms
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b1b18fb07562ec8eabce6d1c45556ac337953958dcc0daf1a57e93177051c6cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28828617
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4406
expires
Fri, 29 Sep 2023 01:05:33 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2F20ASUX03_BLK_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=0IKp9pe0UiDklSIAiyRaHpAK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
96803d18b02e0fe76c41fea0e114f438c3a1a6b41c5f85c13fc904567dfe311c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509814
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41171
expires
Mon, 30 Oct 2023 01:52:10 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2F19ASUX01_DBL_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=dhieLGa2LKJqeFnTD5DFZbCV&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
00739a0fe69062031752c75b75b308311ea009b35c9450fb4ce5f7ea22bf1e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509814
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43786
expires
Mon, 30 Oct 2023 01:52:10 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2FY223SJ08_SGE_CROP.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=m6l9wQ-P3Yrvzq4rz34nfql6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4bf904cc1ae9008d3198ad892ec4e7f1b0f322cb053a46dc2e901c12ed552814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31509805
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6842
expires
Mon, 30 Oct 2023 01:52:01 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2F21ASUX01_GRY_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=VVYQ5jcVx5zsF68KnKk3todD&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9fc41cb89aab94e9f21845068f6b44a44b43ef11fcc7824f939bc326c7d4fbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509765
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46246
expires
Mon, 30 Oct 2023 01:51:22 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2FY221SJ03_CHR_CROP.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=7euvzCmw3xU6UZtwjT1t7ygr&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a42644d9be6fcf6b7e2a14524b90fa936eeb6661c8d6a33a961bb65f17017791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31509804
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14620
expires
Mon, 30 Oct 2023 01:52:01 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2FY223SJ03_BLU_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=aqBMskwwhbyVi-vxZeaZZbjm&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
843e99845494d24995f82240219d6b85e063cc6226cac48026062deb36cfa98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509767
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39852
expires
Mon, 30 Oct 2023 01:51:23 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2FY223SJ01_BLU_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=2GulZCQcYVGuRSFLLYdFak4y&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9efb0aa37b1e1762e239c4d08868749076463d005b10fcd3092ca516c4098354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509765
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34288
expires
Mon, 30 Oct 2023 01:51:22 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2F20ABOD03ST_BLK_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=sxcJ1r3A80Ni4EG4JPwz_Nv6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8d473f1089faa2ac8827cc21aafe3891998dd10af4ca2011ee05dbdd201e80e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509814
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39469
expires
Mon, 30 Oct 2023 01:52:11 GMT
img
pix.as.criteo.net/img/ Frame A7FB 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2FY221SJ02_SND_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20221031&v=3&w=400&s=dletNN2CTMYF_AiFx34S6D_x&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
be3156ab10a60b94de48e7cda3e9657b62d284ff8acb6716aeec6b4981e569be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31509774
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41593
expires
Mon, 30 Oct 2023 01:51:31 GMT
all
csm.as.criteo.net/ Frame A7FB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=uWtXPnkzEDP4Q5mL8lqKUsMDdGyECC_hcTEopZgMi7L9Ia0T29hxncswlhWw5lX_gn9BCom1MVOGiKCby9tFPpgL661DO2f1NUIYX8YbZpZpOGi-6I59rAp-BNHMJgb0hDyU958iSdAAmU5Np4pEyErtsmnRw2k2Yo7ibjycNkQuePWr0TPXmBCtBoLJHZKOpJm1cT6nOSH8URbybWfVkPM9tQP0aB_FR_besW3o1fi9UFbZRfHzRhp6vI514AMyBudXwu_KW1OzSlwN&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Oct 2022 09:08:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A7FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:36 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A7FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 09:08:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6138 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
26482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 01:47:14 GMT
etag
48472445140208031
expires
Mon, 31 Oct 2022 01:47:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A362 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d717f9ac0044a9ce6129aad5d2d8ec583354286ac2ef7756bce192658e36d27

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4E4E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
5efd77e8ae1c1ed394c1bb9ce7c0603647a14568b1bb3185f3a9134eac913d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11030
x-xss-protection
0
css
fonts.googleapis.com/ Frame A7FB 		3 KB
545 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 09:08:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Oct 2022 09:08:36 GMT
cksync
cs.media.net/ Frame 525F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 30 Oct 2022 09:08:37 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
pixel
cm.g.doubleclick.net/ Frame 6138
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QlRmOXhwYXoxT1A0ajM1&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cver=1&google_push=AZmPxg8RhWewXcPbylP59x3Uqp0MC1nkxKQE4rElb16fk83...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QlRmOXhwYXoxT1A0ajM1&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cver=1&google_push=AZmPxg8RhWewXcPbylP59x3Uqp0MC1nkxKQE4rElb16fk83stdYFLV1FeSWI6NdK5iOy8IuaujyYPlqfWqbVMPbUiUvTdka10CoPiBgew6iCPgZKt-UgWmhSNfYKjUeVoKWaTS7L9Hc975e4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0be4466892d3f37f0@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QlRmOXhwYXoxT1A0ajM1&google_gid=CAESEB1DV4lJGyfUIFwqeFR7Jtk&google_cver=1&google_push=AZmPxg8RhWewXcPbylP59x3Uqp0MC1nkxKQE4rElb16fk83stdYFLV1FeSWI6NdK5iOy8IuaujyYPlqfWqbVMPbUiUvTdka10CoPiBgew6iCPgZKt-UgWmhSNfYKjUeVoKWaTS7L9Hc975e4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6138
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELj-h6Rjn8kPStXeT3SS4_Y&google_cver=1&google_push=AZmPxg8JUKuU6OKEpjGtwIKr8OK6Hp8ETBpcunffBzfY5qyY4kpsUBvLa-HsjyfJ2Zj-hnVPj8kIt...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8JUKuU6OKEpjGtwIKr8OK6Hp8ETBpcunffBzfY5qyY4kpsUBvLa-HsjyfJ2Zj-hnVPj8kItBa-sHZHuhpEb-ipQlDrGCzTYGOhfE4RoswEp746pzfXvaRYrcC3RX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8JUKuU6OKEpjGtwIKr8OK6Hp8ETBpcunffBzfY5qyY4kpsUBvLa-HsjyfJ2Zj-hnVPj8kItBa-sHZHuhpEb-ipQlDrGCzTYGOhfE4RoswEp746pzfXvaRYrcC3RXMYyg4VB4y1tPQ6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Oct 2022 09:08:36 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 87867C674E314C15816BE352847E6275 Ref B: SYD03EDGE1505 Ref C: 2022-10-30T09:08:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8JUKuU6OKEpjGtwIKr8OK6Hp8ETBpcunffBzfY5qyY4kpsUBvLa-HsjyfJ2Zj-hnVPj8kItBa-sHZHuhpEb-ipQlDrGCzTYGOhfE4RoswEp746pzfXvaRYrcC3RXMYyg4VB4y1tPQ6
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsPNYPt9VuOj1nIOdbCQ==
pixel
cm.g.doubleclick.net/ Frame 6138
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHTa3l83jo42ikMVoNN4tjA&google_cver=1&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-w...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHTa3l83jo42ikMVoNN4tjA&google_cver=1&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqk...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-wpJh7a3iH54oaPdch4eZ3tUoDS00DkpfM56eXPG9Mdk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-wpJh7a3iH54oaPdch4eZ3tUoDS00DkpfM56eXPG9MdkxxqsZhOJg7cw&google_hm=CCR5xDQdTkelYbq36zfnIg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_mz50Uc_hSpS3x0mWdFQ0TZvcJfTSFvRf-Xy6a_GQMezrtZZXxpwYeYl9F6k2YOHnCoJzu4RqMUtBlqkPgZI-wpJh7a3iH54oaPdch4eZ3tUoDS00DkpfM56eXPG9MdkxxqsZhOJg7cw&google_hm=CCR5xDQdTkelYbq36zfnIg==
Date
Sun, 30 Oct 2022 09:08:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6138
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_hm=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&google_nid=index&google_push=AZmPxg9cb5-aeT8C7p-vpIwMiS9O4AUuyA2VN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_hm=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&google_nid=index&google_push=AZmPxg9cb5-aeT8C7p-vpIwMiS9O4AUuyA2VNjqnVqfJcTzwcvyXSpPRd1U6AmU3Hv6aLZF3lkcSlFFf6xVjOFPBMAYM285Nab5xNfzDX_g96MFBfsnQYXOUJniLx8iWCLKaWBS7Y2QtZe_J
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG7WrhO%2BhF49DK0ULDnJBSHUzlYw%2BKxYSR4fx%2FCDAye0aTiIbMoE1tM6A2uRyCtfhM0bBtbzwK8FGUXJCb4rnWDYVmMSEGL67aZGq%2Fjpihq%2BYR1MWbhGJKWRsYqoQhZeaw6RbxF%2BVdnWig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_hm=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&google_nid=index&google_push=AZmPxg9cb5-aeT8C7p-vpIwMiS9O4AUuyA2VNjqnVqfJcTzwcvyXSpPRd1U6AmU3Hv6aLZF3lkcSlFFf6xVjOFPBMAYM285Nab5xNfzDX_g96MFBfsnQYXOUJniLx8iWCLKaWBS7Y2QtZe_J
cache-control
no-cache
cf-ray
762301e5294ca82c-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6138
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMaK0IHdYsvvZLrE7AjYtkU&google_cver=1&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8g...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8gWyCM2sJhLvscy0IJnNK44xFMqFS3NhEFVlpxMJ3crS6V1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D&google_push=AZmPxg8Ph4akS27YMtr6xcV_2-5Ol6emoQhVk6wkYqQfUK0MKUiSyesYBqsKTJhGaV2Kzhl6NLNuHPfedKHN8UmkTLwc5rh9d8gWyCM2sJhLvscy0IJnNK44xFMqFS3NhEFVlpxMJ3crS6V1
date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 6138
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPgoRx96Doz1wyGEtPLoxT8&google_cver=1&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMFByCDQ65HeR8b39pZMkClaRlB5kX6JmLNntCrPSw9omP_p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMFByCDQ65HeR8b39pZMkClaRlB5kX6JmLNntCrPSw9omP_puKNt-xazChOHP-IIAx_yRxYQ&google_hm=WTE0LUZjQ284WDBBQUZ6RTBMd0FBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
3
Date
Sun, 30 Oct 2022 09:08:37 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEPgoRx96Doz1wyGEtPLoxT8&google_cver=1&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMFByCDQ65HeR8b39pZMkClaRlB5kX6JmLNntCrPSw9omP_puKNt-xazChOHP-IIAx_yRxYQ","cluster_id":3,"gdpr":false,"ipv4":"173.245.209.75","key":"Y14-FcCo8X0AAFzE0LwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad109"}
X-SO-Key
Y14-FcCo8X0AAFzE0LwAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad109
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9o56Cf24_AxFkIBY0oCFrR3nmlAf-wq_H9P0rZ0YKuTBsesqTsaVQ9M__I_Km4cbciEYMMFByCDQ65HeR8b39pZMkClaRlB5kX6JmLNntCrPSw9omP_puKNt-xazChOHP-IIAx_yRxYQ&google_hm=WTE0LUZjQ284WDBBQUZ6RTBMd0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad109.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
173.245.209.75
/
onetag-sys.com/match/ Frame 6138
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHJdydhJJ35gaVOqKM9XmbA&google_cver=1&google_push=AZmPxg8zSeZEsxJeNZ6X4u52pnCbhKrnwfWslR5HCpAXcM3DyeATEYpT7awaep2Q9GU7-rKPI2GNJC2_YND...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8zSeZEsxJeNZ6X4u52pnCbhKrnwfWslR5HCpAXcM3DyeATEYpT7awaep2Q9GU7-rKPI2GNJC2_YNDN-KDn30IZEoMyFFncrP9WPsTN6mRGErgQUCOQ...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6138 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICOERMTNbjHM4h9QRWdOIIBmz4yEenXh6cVZxuDTic2LcXA5diC8Usa6HuNW0Irmuj0Eb_7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120913983&bpp=11&bdt=231&idt=317&shv=r20221026&mjsv=m202210270101&ptt=5&saldr=sa&correlator=3382276686122&frm=8&ife=1&pv=2&ga_vid=25262419.1667120914&ga_sid=1667120914&ga_hid=2134041985&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31069178%2C31070607%2C44775016&oid=2&pvsid=2622156699884033&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.b2n7kqnvrsvt&fsb=1&dtd=332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4E4E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js?bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:36 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame A7FB 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 00:03:42 GMT
x-content-type-options
nosniff
age
291894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 00:03:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 08C2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpXUccB0gVtxTqXqj9pS5nBiSSrsmv0TQjhv-5hkDxLXYVk-alSoeOGwEDD6Bq-Qp8qfXwdXWBY3w4UjvLN3InVM3ZaXPJvA0bOLKh56XGanR47AXwquQJGmRbBsYalOO77gc&sai=AMfl-YTUkJSq2wfzDOohuRQ97WMxYh7lfhcAB93kXmVRgD6lAbFZ1krLayIFLHSLb53kMNTugy9D-yZhbdgQNpyaT511KJvRGY5tjrOxWbaqA5jDO8UN6xVhOIAepqnoNg&sig=Cg0ArKJSzODpZ4muA1J4EAE&cid=CAASFeRobik0LcKKua_gaw6Pm9dSs7JidA&id=ampim&o=450,60&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=686&tls=1686&g=100&h=100&tt=1686&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7E4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
186289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 05:23:48 GMT
expires
Sat, 28 Oct 2023 05:23:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F4C3 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
0861bbf90cfc85cd0e3a2048daf0888529de37055055bfee84eebf16a40bff6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qWHMFdzl1uYILRHWxoQZ4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-qWHMFdzl1uYILRHWxoQZ4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:37 GMT
expires
Sun, 30 Oct 2022 09:08:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 71CA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNG2PP7Ifyu0i0CAGQJhyxTE_tv1LcpUhhv1rWQ7qk3ctwyB1WTIdAFs9q6oxjI49uoeUCCITDG7vMne3pbk2cRuKs3lDtEgE65xU0ilgG7WYK6YBpswdjsCpHCxl3lDTZo_IRmr4XdKnAoGTwweyqJlGsDhd_ehZySo2P8au8EgCChErYjPipw7tP_PygfXAeDkOySQmcyvmgAyEqC79m8zIokuibh_zrKV8G0buVxMNCBlxb8VUsLEYGb_jSIAZCu5sGrzLTfnrzjJeFBPpg7-SG-n7l9z0qhWoRGih6OtEXiPqXw1bdRVan_CaN8fwRlQ7C0PYR1kbGoM8sUJp0JZGYLZ_SLPMDsqikU07VxJscGFQb4fH7tmZSuKXSawtfq8LGrx0PUJ7ITk754Mm3s6qoZv0TzB49psRnlv-JdEe7NuRBCPTNU2RxhrhcGtqkVw6J3lGBYicX14ikSHNYfUPaMKunjV7TmZa1MvIBmdkRZbhn3OW8PDQ7xlTDQINnYpsnDoGQSo2HXE6XNTGQI8OpfVAOG6xdQSc4ojjEYZjm1mNmKOLTa7YaAFrkHLExSSlMLMP38YFbmGMzGIRs0l3K0BwEHur8XBgW-mggvHY-jPoThKAeBbTibug9nAfBKsb_9Iijf6QgXy1QiHgU1iqfkYxBUcKRsVouKWwHobjkw8BDb9NM-8yGbWeIpFKx2PkmtX7tDs9Jh2pNcLdWzCU0qSC7MUgsG6Fl_NNvwg5H9lIY42TKGOQHe8cRsZUCeQliaEgTntKqUi3-pBnv1hVfPxH3JMdBSKGt_-EgtcSvMv6nTiK7h0mJEmFuIC-YaWCBsbAVEPYgziUOJXV3K6Rhqmsz71aUjd1uPDEgAVLoJNQmJtl8V7G5DYmcKnLx0VhLarvYHJJzd4t3VI2PRfJ8Tnmn_V4A1JpGOrv4EZoaBwgVMeibIPiHdT50jgVp8OPW02bIzrEl6ND9HCYy2PblB5-z--pkk9N0b6OsDiQB0QLBckVePANWItEQDsmi5ubjydu_yHj5Bc5GXVCzpCE0k2wFkTX7vwJDyUakexJB6chwGZKemcZ9Zd7R-8zAVUixN9bTCYyBL2RUcNF0mF1Swv46j56fzV9cRbSk5Qdvae2PTjdkFBnrqo47JmauhB7NAhYcQZojix5CnFu337WtMbq3sVfoaDfmbCEOkeM&sai=AMfl-YR19bUnnz7j5jjFKbdgOyKNlxLgXV370giFc-X17Z-pY2k6p0GAoEnf2ABLhrRcuzY4cEcEb4LXD51VKeHdCjOKLtr-uo_9dPfyC08CNN6scABBWBX51rR3lixVCd0sem200L4o8fY7Ufc&sig=Cg0ArKJSzL5OnFGDJzhuEAE&cid=CAASFeRoDCJrFjPfkQKZhOcbNScAzJ8RtA&id=ampim&o=640,1110&d=320,50&ss=1600,1200&bs=1600,1200&mcvt=1017&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&tfs=768&tls=1785&g=100&h=100&tt=1785&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9B7B 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9B7B 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9B7B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 9B7B 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5289&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QgSyZmgvEDOp9witEB_eZW3LpVyui2OtOF_aXLGB-uP4xTsxYjj4d8_iNdrrrCZIePM8BCY6Ra_b2jJkaOLNbGrwPzmVQD0zA&cme=sSNN_jWs5obsT-CkuVOfj4eSfB7SFK_f1GAlj8IaRd_X-HLYwyf6gEzYAE2I75icjGd00hjTD8mE2fXiY4ny7pNC742bFfdYJH5zQTXbUu4fLpD_nvB5mXxitFyCTW-i0FgRs9JDfDFbLUxdY3L-bhxz6bXDJ5oIhWJ95z1_cPlMaHBpgzducKXX8qyp1jrLeGWObRfbS5LfVQReiN4W1w%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CStMjXKNNSP75ors-Ddylf-ays6BOwgQfIAjRrrhy3LSL-uUnpPPQTLuw4SmKODuRwUGrJVxzhrVxnR2EQ7QOOj3UXyEX3HVAyRs1ZZJKCb7RCa0UEIXHgjOtsmWv7OwOsWBGmG0sfmslI-ITFDJEv-7c9mL-yZd0LsA3pKKhPc0AGz0i1QunjTv3zT_RJpyZZqeO5i1-loLIb7KumNr5ucDNNB1TopXcnNcDBh0YfD4%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721296&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D0.00%7C63%3D0.19%7C66%3D0.67%7C60%3D0.49%7C62%3D0.94%7C12%3D0.28%7C1%3D0.38%7Cps%3D0.991%7C3%3D0.35%7C4%3D5.00&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+High+Return+Investments&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=326649050&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D0.00%7C63%3D0.19%7C66%3D0.65%7C60%3D0.13%7C62%3D2.21%7C12%3D1.53%7C1%3D0.13%7Cps%3D0.991%7C3%3D0.72%7C4%3D4.70&ktd[]=1126174801920256&ktrkt[]=Best+High+Return+Investments&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=48970281&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D0.00%7C63%3D0.19%7C66%3D0.65%7C60%3D0.22%7C62%3D1.53%7C12%3D0.49%7C1%3D0.36%7Cps%3D0.991%7C3%3D0.10%7C4%3D3.41&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=329544111&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D0.00%7C63%3D0.19%7C66%3D0.65%7C60%3D3.00%7C62%3D2.28%7C12%3D0.79%7C1%3D3.00%7Cps%3D0.991%7C3%3D1.16%7C4%3D4.79&ktd[]=1126174801920256&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=350575367&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D0.00%7C63%3D0.19%7C66%3D0.65%7C60%3D1.43%7C62%3D2.38%7C12%3D0.28%7C1%3D1.43%7Cps%3D0.371%7C3%3D1.29%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Best+Stocks+to+Invest+in+2022&cid=8CUABW64L&vi=1667120915372230180&tdAdd[]=ib%3D0&vsid=3101225166826757&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=816&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721296&vgd_nrrv=64005&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1667120915100967088&sttm=1667120916347&upk=1667120916.21933&hvsid=00001667120916347029185682678286&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3101225166826757&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvhfH~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ffu9A99A~8xLjMGvW9FHX.uF~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uu~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vhu%2Chu~J7vi~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu9A99X~e8QMGvu9X.fW~xLjMGv9.9u~xLjM7e8vuHhX~QYYMBLvFW.uFFH~xLjMjvX9~yN17vX99iiF~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ffu9fifu~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8OvFVt552urWc5drAZa~G7OvXuih9Xfuu99X99WfhXhWufuHWHufXiHFhFfuFWXiuHXfAWhfW9FuuAHhFWWfXhFhXAAXWhA9WhufuAiiuAhhFAAfW~OfEMjvh9~AENkv9.iA~x8Yv9~myMYQwv9.9u~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iu~myOfEMGv9.iu~exLjMGv9.u~QQvIK~x8Bvou~NJv9~LEQMGvfA.XW~exLjMjvX9~%3DVvfhFX~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvi.WX~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.ih~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4ZmuyaK3W%3D0xp6rmVhh48p9~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7Lvf.AXWHiWf4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXH&vgd_optout=0&vgd_cfud=220331&vgd_scsver=345&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001667120916347029185682678286&subBdr=186&bdrid=4&rc=0&rand=1667120917089&acid=63d3150376fa464eb0f690e7c6c341e8&matm=1667120917089&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2072&vgd_rtime=2068&vgd_etm=9&vgd_l1hcsd=S8wt1%7C7207&vgd_l1ch=1&vgd_lhl=2831&vgd_pgid=p0770839569t202210300908&vgd_adprefflag=11&vgd_csip=rtb-common-istio-6fbf967d5-7542p.SG&vgd_sbSup=1&vgd_nrrs=64005&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 30 Oct 2022 09:08:37 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=74601
content-length
15
sodar
pagead2.googlesyndication.com/pagead/ Frame F4C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=892672002309594&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame C7E4 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 01:30:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8857 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwxewEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEswJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-hdoukrRFuoXhVc-J1H1YthN_PpdQsPl_YlVaAAVXHrm4COFjMKg4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=ilquFVI7gkA&uach_m=[UACH]&cid=CAQSOwDq26N9Jw0j9UTcaSpdbOXiBMz6RgjRhnP56NcxlVNzF6YPMKFkVHHQ7X06jkMYf5E9wQjP6g1-cdpoGAEgEw&cbvp=2&vis=1
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 8857 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kKHgDs7xBnjYBGL4LRICAAAA-ONZtFtuTcMQEj9eY20QWZgNhTCcDxs7ABIAAA&wp=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&cbvp=2
Requested by
Host: 22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
URL: https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
174525
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 30 Oct 2022 09:08:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
217419
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		327 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
013e0e57d67748264684029e3a513686ac0f259be54313b37cfd9f2662acedbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
990902
expires
0
rid
match.adsrvr.org/track/ 		108 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
3d8cf384beb444a90d9fd2b95ecdd4e75b0ceba1f781f58f350a0e223c95870b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 29 Nov 2022 09:08:37 GMT
checksync.php
contextual.media.net/ Frame 7DA3 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66498b3e9157ed0d3313e418512b8f62b2241e16ff131d943b20b41881faecfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=80650
content-encoding
gzip
content-length
11835
content-type
text/html; charset=UTF-8
date
Sun, 30 Oct 2022 09:08:37 GMT
expires
Mon, 31 Oct 2022 07:32:47 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 6C81 		533 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
533575d8658361553513b2e0c9514b1b6de15968821f80bd32a6f1c56108a8f2

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
322
content-type
text/html
date
Sun, 30 Oct 2022 09:08:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 3230 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1667120912566
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame FE40 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Oct 2022 09:08:38 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 3713 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
13178
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sun, 30 Oct 2022 08:10:04 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id
K-zqLB0MTeuvok_Yf0RVZNzGegEN43AhYZtolcssX1OgnCAULyzQjA==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame D723 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
250c1b604fa7be74bbbe3e710ec2cc93a0ad73e5abcbc2285e614ed3dcc3fa24

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1083
content-type
text/html; charset=utf-8
date
Sun, 30 Oct 2022 09:08:37 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1184 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11269
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 30 Oct 2022 09:08:37 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
52, 19293
X-Served-By
cache-lga13626-LGA, cache-syd10171-SYD
X-Timer
S1667120918.666859,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame A2B5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
59
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
762301e77f82a808-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Oct 2022 09:08:37 GMT
expires
Sun, 30 Oct 2022 13:08:37 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4680%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373%26bidder%3Dappnexus%26cbx%3...
  • https://prebid.a-mo.net/cchain/0/4680?gdpr=0&gdpr_consent=&us_privacy=1---&A=fbcdb459-a949-44fb-94a3-2d477a5ce373&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnV...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4680%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dfbcdb459-a949-44fb-94a3-2d477...
0
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1---
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=fbcdb459-a949-44fb-94a3-2d477a5ce373
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A&gdpr=0&gdpr_consent=
date
Sun, 30 Oct 2022 09:08:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fbcdb459-a949-44fb-94a3-2d477a5ce373&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=fbcdb459-a949-44fb-94a3-2d477a5ce373&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6c54b03f-41f0-4dab-b918-c8e102069481&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545650020718409&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FDCC 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_fy2021.js?bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
d1e164b2aad13c6720e4136f4bb289e957324e570d474f6bed98445d075d4523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11341
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame ED33 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ecfd41d571131ee6a3645928e532a429c7df85cb0dd8e78061ab4b5a1ca65f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11300
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame C7E4 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?llzqOg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame A7FB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=uWtXPnkzEDP4Q5mL8lqKUsMDdGyECC_hcTEopZgMi7L9Ia0T29hxncswlhWw5lX_gn9BCom1MVOGiKCby9tFPpgL661DO2f1NUIYX8YbZpZpOGi-6I59rAp-BNHMJgb0hDyU958iSdAAmU5Np4pEyErtsmnRw2k2Yo7ibjycNkQuePWr0TPXmBCtBoLJHZKOpJm1cT6nOSH8URbybWfVkPM9tQP0aB_FR_besW3o1fi9UFbZRfHzRhp6vI514AMyBudXwu_KW1OzSlwN&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y14_EgAIZ2ACZqDpAAqmwAIwBVwcEhREKsaX1g&u=%7CTAXX2h2ay4QWUPqRxTDnf7MQQbqZM%2FLHSa1HpmlKxBM%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y5I1GpnuWCT6NJAx1hQVMSSh4nHm5Pu-yJ87N0P_R4mXgQh4P1EuO6BWP8LEd3ubpEtv9rw7NQu6LU8GjPkZuVlEYszfLtvfquLOl61slrOVZ3IuBFBtsS6sTZ7wYlfPMMB2zk2zQHb_J_0l8IjNewzWcWS5qxB3j0BO54yJdsqT2Id_IRo-9YcCxhAK6vwQQd3VtWYefWdEMkqbjPD66BqGuoRPJcxoQvlo8Pii-0qdhxHvykum9Lvb1jwDu_bY15Yf4wMZ0NvwFFt-xSXf4Ab_wDyzgClvMlIbJO0x029pFY5NjoHvwT-hrKqmlWbyjvobDBleQCv301hcPbsM2NNEnotH_NbJ-3z-y3rWfjsxLUVc3d1ZBOgQtRqCaNobcllqG8ixaNzOEAxDvbDLS3B0LctlyhPuzG7extwKmXp7C7Oa5uR7fPRZFgyhlOE91l15M_6bbL-bfF7M_45YssKFu604QN49flhnW0JAsJ0nncy8Th17YkjMyXSXJ6883v6mBcviVwmjsHrLfRGK-EOwQkVR0-u9q0b0msUT5UPuAn-gmUx7PiMqqo-nUHU_eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5TWEj9eY-DOIenBmsMPwM2qiA2Y_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJ7ma_Y5YKlPuACAKgDAaoEtgJP0AQgjyAQv5ZrW89LmS3diEOBwZlSloKxKz4Ym52uPTzuLKXIpBTzjbA2h9qksiwOn9TrlZQz47HdjvdPPNLVfBS09wUJPzh-JwFoZ39G6y6Ve2_xySBLW2uyrps9Vj-pOaKnTbD_IOS5MvyM7JgWmHQCopAnRZsHsJr-vcxLjJrZQNkyHcFw4Ti3cTLWzQnWzlTAmoa_uPlVkdE2DqG1Yq6jI0d9JOkyfgdRsx57jWfzpdK8Ug1RyqoUG32Fnhdw4DFEqHgX5ni4dfPbbQ2rnosgKJrcLRYl27_i_EsYwalL9gjh0dEpeXhcnTu7EJNv8jMO7UBis7qjzzmTT8Tf7jZ-KoMv9D0RutR3-lVqm9g02GNpet5Pubqj-Btk6PDKSO39FQGmPprc4mTK-MRuHbxfkMdW4AQBgAbX9v_3z7XGlUGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11sNrIVNi-4qsq2nPklU_U4sqBFA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Oct 2022 09:08:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4584328454131231750&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4584328454131231750&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4584328454131231750&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f68935d5-a0ad-7d99-cce6-208c8a3669a7&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&ttd_puid=f68935d5-a0ad-7d99-cce6-208c8a3669a7&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&ttd_puid=f68935d5-a0ad-7d99-cce6-208c8a3669a7&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&ttd_puid=f68935d5-a0ad-7d99-cce6-208c8a3669a7&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y14-FcCo8XYAAEfS1n8AAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y14-FcCo8XYAAEfS1n8AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
9
Date
Sun, 30 Oct 2022 09:08:37 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":9,"gdpr":false,"ipv4":"173.245.209.75","key":"Y14-FcCo8XYAAEfS1n8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40387"}
X-SO-Key
Y14-FcCo8XYAAEfS1n8AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40387
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y14-FcCo8XYAAEfS1n8AAAAA
Cache-Control
private
X-SO-HostName
a-ad40387.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-IP
173.245.209.75
sd
jp-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afj10kxIOHXDks8ADv76OIxij88AAAGEKCZwlw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afj10kxIOHXDks8ADv76OIxij88AAAGEKCZwlw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 a71eae2df8b63063accf5856ecb80af8.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
HKG60-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afj10kxIOHXDks8ADv76OIxij88AAAGEKCZwlw
cache-control
no-cache
content-length
0
x-amz-cf-id
KpUGY5aGq2H1MklyDrjKRQchF4oXXTFBojosFuo8Xwor1cxiANVJ_A==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6C81 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGFlNmU2MWYtNjlkYS0yMzNkLWQ5MDYtN2EzNTQwZDRhN2M3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SWpJpFBm-X4xtR1mxloc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SWpJpFBm-X4xtR1mxloc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SWpJpFBm-X4xtR1mxloc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D723
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame D723
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D723
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAYd6X1lHNBGhjlOlDgBK9M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAYd6X1lHNBGhjlOlDgBK9M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAYd6X1lHNBGhjlOlDgBK9M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D723
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MzQwOTIzMjMxMjU3NDUyMjYzOA%3D%3D
date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame D723
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1163409232312574522638&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1163409232312574522638&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a46fab57-45ea-4394-b569-f5269175b283&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a46fab57-45ea-4394-b569-f5269175b283&_noobservation=1&_expected_cookie=117ae4b...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a46fab57-45ea-4394-b569-f5269175b283&_noobservation=1&_expected_cookie=117ae4bcfd545b17375a0fbd756f379c
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sun, 30 Oct 2022 09:08:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762301eef98caaff-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a46fab57-45ea-4394-b569-f5269175b283&_noobservation=1&_expected_cookie=117ae4bcfd545b17375a0fbd756f379c
date
Sun, 30 Oct 2022 09:08:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762301eda814aaff-SYD
content-length
0
sync
x.bidswitch.net/ Frame D723 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1163409232312574522638&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame D723
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1163409232312574522638?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-2N5jveJE2oQzSV.nd4JdlB9hb7xgyzHxxMhWBMt2wA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-2N5jveJE2oQzSV.nd4JdlB9hb7xgyzHxxMhWBMt2wA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Oct 2022 09:08:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 30 Oct 2022 09:08:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-2N5jveJE2oQzSV.nd4JdlB9hb7xgyzHxxMhWBMt2wA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame D723
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1163409232312574522638
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1163409232312574522638&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1163409232312574522638&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HZCFXY2FCKE7VYQCQWJP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1163409232312574522638&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame D723 		42 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1163409232312574522638&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E3C63C111C784818A6E6488BE39C63AB Ref B: SYD03EDGE1513 Ref C: 2022-10-30T09:08:37Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
23178
stags.bluekai.com/site/ Frame D723
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=3mbpXOguamg9hJgwocjj&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ED33 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FDCC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_fy2021.js?bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Oct 2022 09:08:38 GMT
sync
gum.criteo.com/ Frame 7DA3 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
265365
expires
60
usync.html
eus.rubiconproject.com/ Frame 049B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Oct 2022 09:08:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Oct 2022 09:08:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame 4CB4 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 172A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dpba%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=124865
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 30 Oct 2022 09:08:38 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 31 Oct 2022 19:49:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 7DA3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dapx%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=apx&refUrl=&vid=71209177463101225166826757000V10&ovsid=800007378547266485
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=apx&refUrl=&vid=71209177463101225166826757000V10&ovsid=800007378547266485
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 30 Oct 2022 09:08:38 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
AN-X-Request-Uuid
2a37585e-8ab6-4f20-a22c-ca30fc2df977
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=apx&refUrl=&vid=71209177463101225166826757000V10&ovsid=800007378547266485
Connection
keep-alive
X-Proxy-Origin
173.245.209.75; 173.245.209.75; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 7DA3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3101225166826757...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3101225166826757000V10&type=opx&refUrl=&vid=71209177463101225166826757000V10&ovsid=3ea55c4a-0bad-4779-afa9-5ee238d9fb7b
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3101225166826757000V10&type=opx&refUrl=&vid=71209177463101225166826757000V10&ovsid=3ea55c4a-0bad-4779-afa9-5ee238d9fb7b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:38 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sun, 30 Oct 2022 09:08:38 GMT

Redirect headers

date
Sun, 30 Oct 2022 09:08:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3101225166826757000V10&type=opx&refUrl=&vid=71209177463101225166826757000V10&ovsid=3ea55c4a-0bad-4779-afa9-5ee238d9fb7b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 7DA3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dmma%26refUrl%3D%26vid%3D712091774631012251668267...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=mma&refUrl=&vid=71209177463101225166826757000V10&ovsid=2a5f635e-3f16-4700-93b7-beb0c323963c
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=mma&refUrl=&vid=71209177463101225166826757000V10&ovsid=2a5f635e-3f16-4700-93b7-beb0c323963c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 30 Oct 2022 09:08:38 GMT

Redirect headers

Date
Sun, 30 Oct 2022 09:08:38 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=mma&refUrl=&vid=71209177463101225166826757000V10&ovsid=2a5f635e-3f16-4700-93b7-beb0c323963c
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Oct 2022 09:08:37 GMT
RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
sync.targeting.unrulymedia.com/csync/ Frame 7DA3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%26refUrl%3D%26vid%3D71209177463101225166...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%26refUrl%3D%26vid%3D71209177463101...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4392965428
  • https://sync.1rx.io/usersync/tradedesk/cc04825d-dc54-49c1-9d91-dc6dbe5beadd
  • https://sync.targeting.unrulymedia.com/csync/RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%2...
0
0
cksync.php
contextual.media.net/ Frame 7DA3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Ddxu%26refUrl%3D%26vid%3D71209177463101225166826...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=dxu&refUrl=&vid=71209177463101225166826757000V10&ovsid=BTf9xpaz1OP4j35
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=dxu&refUrl=&vid=71209177463101225166826757000V10&ovsid=BTf9xpaz1OP4j35
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Oct 2022 09:08:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 30 Oct 2022 09:08:38 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-00a1d164ccc6a2581@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3101225166826757000V10&type=dxu&refUrl=&vid=71209177463101225166826757000V10&ovsid=BTf9xpaz1OP4j35
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 7DA3 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
353028
expires
Sun, 30 Oct 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 7DA3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D91e5393f-ee1f-4eb2-89a4-219cdb6991...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2a5f635e-3f16-4700-93b7-beb0c323963c&expires=30&ssp=medianet&bsw_param=91e5393f-ee1f-4eb2-89a4-219cdb69918a&gdpr=0&gdpr_consent=
0
0
23178
stags.bluekai.com/site/ Frame 7DA3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dzem%26refUrl%3D%26vid%3D71209177463101225166826757...
  • https://stags.bluekai.com/site/23178?id=Ntmld4qQYtS2ren0PoQv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 7DA3
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3101225166826757000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3101225166826757000V10
0
0
um
cs.emxdgt.com/ Frame 7DA3 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Demx%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.208.230 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
async_usersync
ib.adnxs.com/ Frame 1184 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
AN-X-Request-Uuid
3afdca03-4048-4dd7-8a73-3a9bbfa7be05
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.75; 173.245.209.75; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8349 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d84919b7f45216b69062bdd79a9f4d1076485c4dc07eccb8ecfea2eb2dcc12

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
762301e87c4ca82c-SYD
content-encoding
br
content-type
text/html
date
Sun, 30 Oct 2022 09:08:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZiKPE9mGQ74PPEixbj8bwhOFQMuw8Cl5ZmY9K5EIBeQ4oYCDFmosnVbB2MeWei8tvM2zBjKB%2B%2Bp6OBqmB%2F6axyICKElZVA5ONIjigt4L0eS4Ma5EYn0cAGq%2B5d8Jsk8uHMcjhRk8NpOQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 4E4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=892672002309594&bg=!ubqluv7NAAZPh4lnb4c7ACkAdvg8Wj3Ac7ntuHw_6gN3_nk_c1m2zloHm8dg1UxxWNrdGc09xvF-mwIAAABuUgAAAANoAQcKAF3DCIMetnEgNzNCGAqLPsMd9aZg7s65j6hVlyFK60sUBwoxLORyiO35rENHpTOYqmu9c-4lHFxesMDlFT9oJwpXyC9ZK1DVN55W4KBDCzL0rdtup36gjesN8WF_XbCZAsUgPr9dUtK_LetBz1pBDC89MnOrA01VffBkCwYPyeZ1tnAz9dK86VR1--sBn1UrCO3eKR56-cSoP_drHey5ynA4epLtjHdA0dclqb2tcWVxf2NeE_jDbkEN9i6r9fwCuneOCQWud5LDF5BweNa-IPLF6pA-Ewvaw7yozcgRKXyk9ASi0We0dzb88RS5rOIuTNaqeevqjEg7uKvYiIGbDHx2Oq37aLIolvxPOTr-N4LMrUcBgpWUSsLvI5RHeVpS_tCHmPW6HsYSU_noKEmmh6w1SmmJtOFCuHhsoDl5iUY4UDIuZPEURtYWno0kJXrRZrsV8h7DCoyJf6O0vP0b0jrClAV_FXVN1uYNRIw8MPgHSHg5z505_r7C8gUIlulLiierB_fpyi34GUvy1jK7XyuEs-kly75lB7Jdr5QasaqBCNLb7k_AkV7WP2jKm4YSK9VNUEFkTKbsi_WgpY2RYOWcbzs5fflb5UCk5-3cyuv6PQJf8h-1Y2VeUWzjeqbhaxlNY6adt5A8km1hgSxZ_wBlhIrWnMMvHwISw22qBp39Fo-ayjkV7SwWspkZrSZ-rjYvM8FxDTUxATNKW4-OK-TEJfoCvLz0oOhw-w3cbBVg0vITYRGaEePaMAhIXZZ4UN85VywfkVc9wyHgra7GprMeycnK1Z4AkAUiWfTE3bbfGUCdG_I2pxjRMyOKczRIq7USzb-L4mrkyuG0yll9wdpwJ-jS2q9kxB_HlhPvRyFGzeA93spc7HfYipDxoYJxfOm9DzXHWhsgO-T6PUx6Q6erO99mBl4T_q_3vozteF8IuFbZplJaeOLrw6bieaSNoMnKWbhSmynPApWVdA0ivvirqEoBIZOawWb1AV5UjQCMp2uE9FslU50DiM1nkEsUCuJ1wI0fjrQiUyssgiwKN8S--G-Na3fQtqLfNCxlGIUU5Om5GRCp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame 8349
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&dcc=t
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 8349
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUWsHQBlQmm8hFAnkMqkaxzKzeZ4CFjBcWpahs%2FHjZirMkoXkf34R%2Fa1mSsdWSp2e4iWCu1K5zVjSHG4do%2B8ZYbNaN5LZ4zOfbEyMIeIstKqtzzlk0YYodNuAuZBZ3DBqlD9xJ6ruR%2F6XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
762301eb2f24a82c-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAQUBh0HJZLVtbQ4Z1cEcus&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8349
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&expiration=1669712918&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&expiration=1669712918&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&expiration=1669712918&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 8349
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y14-FUB6IBXdEDD.kK5MCwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMKXezdCh9XyI_qCszaiBU&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMKXezdCh9XyI_qCszaiBU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMKXezdCh9XyI_qCszaiBU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 8349
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=41492c74-6660-002a-c977d79b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=41492c74-6660-002a-c977d79b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=41492c74-6660-002a-c977d79b
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 8349
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y14-FgAAAJltZAAW
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW&_test=Y14-FgAAAJltZAAW
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW&_test=Y14-FgAAAJltZAAW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10139-SYD
pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1667120919.590672,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW&_test=Y14-FgAAAJltZAAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 8349
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BTf9xpaz1OP4j35
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BTf9xpaz1OP4j35
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BTf9xpaz1OP4j35
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 8349
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y14-FUB6IBXdEDD.kK5MCwAA%264787?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y14-FUB6IBXdEDD.kK5MCwAA%264787
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y14-FUB6IBXdEDD.kK5MCwAA%264787
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
54.185.220.99 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0a2f189e4.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MMbgcEdCQ98=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v041-06cc643d6.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LHhkKvzXSIg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y14-FUB6IBXdEDD.kK5MCwAA%264787
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8349 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y14-FUB6IBXdEDD.kK5MCwAA%264787
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
38269
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
762301eb4cfaa8b9-SYD
content-length
43
expires
Mon, 31 Oct 2022 09:08:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8857 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTPKSZ9CjjcKCq9BZifcb3OD_iDGO8QQa36eH1Y-HN-1n2M9BPTdL-9TZGdLXWP5Owtz0rrMCNJRO5dZjmvDR6Jd67&sig=Cg0ArKJSzGqSTlU7ZVQwEAE&cid=CAASFeRoSZrA6HluymFDspD_pN_qpMgcMg&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667120915290&rpt=1746&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame FE40 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 09:08:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58812
Connection
keep-alive
Content-Length
9455
Expires
Mon, 31 Oct 2022 01:28:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E446 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
186290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 05:23:48 GMT
expires
Sat, 28 Oct 2023 05:23:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 430C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
b83788974bc80e54c0039e8e4528876c7180a4f1806ca06e063dad7ff599edd7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1vgJys5FOHAT1CBE_f3Znw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-1vgJys5FOHAT1CBE_f3Znw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:38 GMT
expires
Sun, 30 Oct 2022 09:08:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tap.php
pixel.rubiconproject.com/ Frame FE40
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cc04825d-dc54-49c1-9d91-dc6dbe5beadd&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
SynMzzO5JSxpGDgmr1YM_Mn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame FE40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SynMzzO5JSxpGDgmr1YM_Mn5EUdSAgOZEtemQ7w0kco?csrc=
0
0
pixel
cm.g.doubleclick.net/ Frame FE40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame FE40 		0
0
dcm
s.amazon-adsystem.com/ Frame FE40
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
0
0
pixel
cm.g.doubleclick.net/ Frame FE40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBkZDRhMGQ4N2QxMDMyNGMyZjU0YzhhMDZjZDgzNzExYzdjNWY0Mg
0
0
setuid
px.ads.linkedin.com/ Frame FE40
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9V4QX51-28-7O3U
0
0
tap.php
pixel.rubiconproject.com/ Frame FE40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOXCToGVfJjcRczbHGKNPRg&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOXCToGVfJjcRczbHGKNPRg&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOXCToGVfJjcRczbHGKNPRg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9820 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=124865
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 30 Oct 2022 09:08:38 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 31 Oct 2022 19:49:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 54D7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.151.12 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f4f6c9b6754e1219f95320b5a3fc2b6dd83495cdf02ee86d7b00316fdf0f60cc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 30 Oct 2022 09:08:39 GMT
etag
W/"07982afca00cbeb6a50c9541e106da246"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame EAAE 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame E252 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame 7BC4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98dae9a635168059d49a039dba9cb29823cd119d858a1a420c902bcab44b64b0

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
762301edd96aa82c-SYD
content-encoding
br
content-type
text/html
date
Sun, 30 Oct 2022 09:08:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZlMWgrKMIb5wAWYr7r1uX19yoMDhqiPZKBV3kGTh8vT4w%2By0S6Jc%2BTomFOZlG3NWHmPEA6h%2Bkxsce0GNdhLlqcBRkW5fK7vZz7aJbqP1AfFmvpWbOaZWjK9izma02EN28YLCgU2OnLTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4462
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Oct 2022 09:08:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Oct 2022 09:08:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31CF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=124865
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 30 Oct 2022 09:08:38 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 31 Oct 2022 19:49:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
x.yieldlift.com/ Frame 3713
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame 3713
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=800007378547266485
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=800007378547266485
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
AN-X-Request-Uuid
e5fee8a9-14c1-48fa-b1d3-1f8c80c15a78
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=800007378547266485
Connection
keep-alive
X-Proxy-Origin
173.245.209.75; 173.245.209.75; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 3713
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
0
pixel
ap.lijit.com/ Frame 3713
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
0
0
getuid
x.yieldlift.com/ Frame 3713 		0
0
RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
sync.targeting.unrulymedia.com/csync/ Frame 3713
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1789973788
  • https://sync.1rx.io/usersync/tradedesk/cc04825d-dc54-49c1-9d91-dc6dbe5beadd
  • https://sync.targeting.unrulymedia.com/csync/RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
0
0
cm
p.rfihub.com/ Frame 3713 		0
0
usa
sync.go.sonobi.com/ Frame 3713 		0
0
usermatchredir
ssum.casalemedia.com/ Frame 3713
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3...
0
0
sync
ads.servenobid.com/ Frame 3713
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
date
Sun, 30 Oct 2022 09:08:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame 3713 		0
0
sync
ads.servenobid.com/ Frame 3713
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-tJ.bj4dE2uEKYxFMZt7iKKWN_yyc7VYb945uIRg-~A
date
Sun, 30 Oct 2022 09:08:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8967 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
186290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 05:23:48 GMT
expires
Sat, 28 Oct 2023 05:23:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DDB8 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
1f862141d2336789cbacadb661c275a7b33a8023709266a1d9e7babe26223467
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kJdXJDwWDx5xRd1z6Mny-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-kJdXJDwWDx5xRd1z6Mny-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Oct 2022 09:08:38 GMT
expires
Sun, 30 Oct 2022 09:08:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame 1184 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:38 GMT
AN-X-Request-Uuid
1ef3954e-7588-4400-9be1-9ae2d1b1ffea
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.75; 173.245.209.75; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 430C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=2839313750244914&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame E446 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 01:30:19 GMT
getuid
secure.adnxs.com/ Frame 7BC4 		0
0
Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7BC4 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.183.128 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-183-128.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 7BC4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4584328454131231750
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4584328454131231750
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4584328454131231750
pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7BC4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
54.251.183.128 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-183-128.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
date
Sun, 30 Oct 2022 09:08:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
1
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pm_match
um.simpli.fi/ Frame 7BC4 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame 7BC4 		0
0
rum
dsum-sec.casalemedia.com/ Frame 7BC4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10139-SYD
pragma
no-cache
date
Sun, 30 Oct 2022 09:08:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1667120919.950241,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y14-FgAAAJltZAAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dcm
s.amazon-adsystem.com/ Frame 7BC4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Oct 2022 09:08:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BHFZRXXHT3YYW44JVM0X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.servenobid.com/ Frame 7BC4 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DDB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=2622156699884033&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 172A 		0
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 8967 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 01:30:19 GMT
generate_204
tpc.googlesyndication.com/ Frame E446 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?718FCw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.js
eus.rubiconproject.com/ Frame 049B 		0
0
generate_204
tpc.googlesyndication.com/ Frame 8967 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gWQ6fA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 09:08:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4462 		0
0
getuid
secure.adnxs.com/ Frame 54D7 		0
0
sync
x.bidswitch.net/ Frame 54D7 		0
0
sync
sync.srv.stackadapt.com/ Frame 54D7 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame 54D7 		0
0
floor6
sync.1rx.io/usersync2/ Frame 54D7 		0
0
rtset
bh.contextweb.com/bh/ Frame 54D7 		0
0
redirectObuid
sync.outbrain.com/ Frame 54D7 		0
0
cm
us-u.openx.net/w/1.0/ Frame 54D7 		0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 54D7 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 54D7 		0
0
services
sync.technoratimedia.com/ Frame 54D7 		0
0
142
match.deepintent.com/usersync/ Frame 54D7 		0
0
server_match
ad.360yield.com/ Frame 54D7 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 54D7 		0
0
sync
ads.servenobid.com/ Frame 54D7 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01CB 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 4BDC 		0
0
img
sync.mathtag.com/sync/ Frame F9D0 		0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame BA40 		0
0
pixel
cm.g.doubleclick.net/ Frame 6E14 		0
0
um
cs.emxdgt.com/ Frame 115C 		0
0
idsync
tg.socdm.com/aux/ Frame 5DD6 		0
0
gumgum
cs.admanmedia.com/sync/ Frame 9A48 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 3E74 		0
0
cm-notify
creativecdn.com/ Frame B02A 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame E2F7 		0
0
collect
www.google-analytics.com/g/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gob?google_gid=CAESEMFv1Lx3BfuP0mSbGme0msg&google_cver=1&google_push=AZmPxg-vinMPlakjSwNpYK8o2YJ5YIXbd7Yy0OtCzhNiKnoTwejzPFGxscqzW9LYDRzUjVsYceOww6DNcb-aJLjKzUDcTnwOn9UryjM3SqQbtYgtR88S0rGV3aGp1W65YQxzA85fy7BjXl2oDLtYNmXYyu0
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4680%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1mYmNkYjQ1OS1hOTQ5LTQ0ZmItOTRhMy0yZDQ3N2E1Y2UzNzM%253D%26uid%3D%24UID
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545650020718409&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=3mbpXOguamg9hJgwocjj&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GNWWE4CYJ5TXKYLNM44WQSTHO5XWG2TK&gdpr=0
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Drkt%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3D%7Buserid%7D
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3101225166826757000V10%26type%3Dr1%26refUrl%3D%26vid%3D71209177463101225166826757000V10%26ovsid%3DRX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=80&user_id=2a5f635e-3f16-4700-93b7-beb0c323963c&expires=30&ssp=medianet&bsw_param=91e5393f-ee1f-4eb2-89a4-219cdb69918a&gdpr=0&gdpr_consent=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=Ntmld4qQYtS2ren0PoQv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKOORWWYZBUOFIVS5CTGJZGK3RQKBXVC5RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TCMRQHEYTONZUGYZTCMBRGIZDKMJWGY4DENRXGU3TAMBQKYYTAJTWONUWIPJTGEYDCMRSGUYTMNRYGI3DONJXGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3101225166826757000V10
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y14_FUB6IBXdEDD-kK5MCwAAErMAAAIB&dcc=t
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/SynMzzO5JSxpGDgmr1YM_Mn5EUdSAgOZEtemQ7w0kco?csrc=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlWNFFYNTEtMjgtN08zVQ==
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBkZDRhMGQ4N2QxMDMyNGMyZjU0YzhhMDZjZDgzNzExYzdjNWY0Mg
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9V4QX51-28-7O3U
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9V4QX51-28-7O3U&gdpr=0&us_privacy=1YN-
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-29a4563a-614b-4d03-8765-61a99d8f3d2f-004
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dfbcdb459-a949-44fb-94a3-2d477a5ce373%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27656803&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_c451a7a2-80ce-4bae-a474-d52ad1ad1a37&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=a_c451a7a2-80ce-4bae-a474-d52ad1ad1a37&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_c451a7a2-80ce-4bae-a474-d52ad1ad1a37
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9jNDUxYTdhMi04MGNlLTRiYWUtYTQ3NC1kNTJhZDFhZDFhMzc=&gdpr=0&gdpr_consent=
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaq0&_p=2997&cid=109556288.1667120914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667120914&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&dt=HOT%E3%83%BBStuff%EF%BC%8F%E6%AD%90%E9%99%BD%E5%A7%8A%E5%A6%B9%E8%8A%B1%E5%90%8C%E6%A1%86%EF%BC%81%E5%A6%AE%E5%A6%AE%E6%AF%94%E5%A8%9C%E5%A8%9C%E6%99%82%E9%AB%A6%E3%80%80%E6%90%B6%E5%88%B0SAINT%20LAURENT%E6%9C%80%E6%96%B0%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| _qevents object| ggeac object| google_tag_data object| google_js_reporting_queue object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

62 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ_9eZwcIwCgoIgQIQ_9eZwcIwCgoI4gEQ_9eZwcIwCgoI5gEQ_9eZwcIwCgoIhwIQ_9eZwcIwCgkICRD_15nBwjAKCQg6EP_XmcHCMAoJCAsQ_9eZwcIwCgoIjAIQ_9eZwcIwCgkIXxD_15nBwjA=
.aralego.com/ Name: sspid
Value: 513422bb-f3b5-3490-bb22-5c785e20d948
www.bg3.co/ Name: __AP_SESSION__
Value: ea03ff1d-54e2-4d82-bc6c-55e1a9984c99
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 6cb6c5c0-5832-11ed-95d0-000d3ac77851
.adpushup.com/ Name: ap_usid
Value: 6cb6c5c1-5832-11ed-95d0-000d3ac77851
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 25250a8c-092a-426e-9630-e864ee115a5a
.openx.net/ Name: i
Value: 25250a8c-092a-426e-9630-e864ee115a5a|1667120912
.bg3.co/ Name: __gpi
Value: UID=00000b7177050aff:T=1667120912:RT=1667120912:S=ALNI_MY_rQrqrHzB1m4WWX4bVH4vNPbluw
.omnitagjs.com/ Name: ayl_visitor
Value: d39aa5bee636dd1a9efc2a518cbd9ebb
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwkP74mgY4AUABSAEQkP74mgYYAA..
.adnxs.com/ Name: uuid2
Value: 800007378547266485
.prebid.a-mo.net/ Name: __amc
Value: 1_1667120912_1667120912
.a-mo.net/ Name: amuid2
Value: fbcdb459-a949-44fb-94a3-2d477a5ce373
.prebid.a-mo.net/ Name: sd_amuid2
Value: fbcdb459-a949-44fb-94a3-2d477a5ce373
.teads.tv/ Name: tt_viewer
Value: 033b98ff-e3be-45b5-b7c0-bad0281109ce
.rubiconproject.com/ Name: khaos
Value: L9V4QX51-28-7O3U
.quantserve.com/ Name: mc
Value: 635e3f11-46eae-91343-cf08b
.bg3.co/ Name: __qca
Value: P0-2054909376-1667120912320
.doubleclick.net/ Name: IDE
Value: AHWqTUmL0bWkgqkCi6K94yk7nv3KLZfzFvZO6RA6_nKGjem4iF5nzgAJHPlTWE-vT-4
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1667120914.1.0.1667120914.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.109556288.1667120914
.bg3.co/ Name: __gads
Value: ID=5aebbfd76497f41e:T=1667120912:S=ALNI_MYkUOzi7Crwt_ElpAhcCXoIGiXRrw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.media.net/ Name: data-g
Value: CAESENt_Cu3i9_CWP5OUbvNVZBc~~3
.yahoo.com/ Name: A3
Value: d=AQABBBQ_XmMCEGWZngx_l2I23gdixaFYduoFEgEBAQGQX2NoYwAAAAAA_eMAAA&S=AQAAAlzev6sWKbjVRxstou7gZaI
.adsrvr.org/ Name: TDID
Value: cc04825d-dc54-49c1-9d91-dc6dbe5beadd
.media.net/ Name: visitor-id
Value: 3101225166826757000V10
.fout.jp/ Name: uid
Value: 5KGxrJZsF13RM_T5LO31z6VBZ88
.3lift.com/ Name: tluid
Value: 1163409232312574522638
.casalemedia.com/ Name: CMID
Value: Y14-FUB6IBXdEDD.kK5MCwAA
.casalemedia.com/ Name: CMPS
Value: 4787
.casalemedia.com/ Name: CMPRO
Value: 4787
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&627d7876-d756-4c9b-81d8-aea7b08139b1"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2720:u=1:x=1:i=1667120917:t=1667207317:v=2:sig=AQH1EsPjZqQbGvl0eLMKV5q2hj_HFb0Z"
.ad-m.asia/ Name: uid
Value: KxHmTvMx23
.media.net/ Name: data-ttd
Value: cc04825d-dc54-49c1-9d91-dc6dbe5beadd~~1
.casalemedia.com/ Name: CMTS
Value: 4763
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22cc04825d-dc54-49c1-9d91-dc6dbe5beadd%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-30T09%3A08%3A37%22%7D
.w55c.net/ Name: wfivefivec
Value: BTf9xpaz1OP4j35
.openx.net/ Name: pd
Value: v2|1667120917|jElYiuvOiahI
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIuGmpV2Tc/NbUyebV3a1st2okSIv+stq7jh5jfE/WxDStzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.socdm.com/ Name: SOC
Value: Y14-FcCo8X0AAFzE0LwAAAAA
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: c
Value: 1667120917
.bidswitch.net/ Name: tuuid_lu
Value: 1667120917
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY3MTIwOTE3fQ
.openx.net/ Name: univ_id
Value: 537072971|cc04825d-dc54-49c1-9d91-dc6dbe5beadd|1667120917823839
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.linkedin.com/ Name: li_sugr
Value: a46fab57-45ea-4394-b569-f5269175b283
.w55c.net/ Name: matchmedianet
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 196y~2809
.bing.com/ Name: MUID
Value: 2369EFDB9F2B6EEC1128FD969E196F6C
.c.bing.com/ Name: MR
Value: 0
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCNrOlc-LmJ07EAUSFQoGY2FzYWxlEgsIuJ310ouYnTsQBRgBIAIoAjILCNrGmPyhmJ07EAU4AVoHc3Z4OXQ1MGAC
.bidswitch.net/ Name: tuuid
Value: 6c54b03f-41f0-4dab-b918-c8e102069481
.w55c.net/ Name: matchcasale
Value: 5
.prebid.a-mo.net/ Name: _sv3_8
Value: 1

4 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667120912&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhotstuff-ou-yang-zi-mei-hua-tong-kuang-ni-ni-bi-nuo-nuo-shi-mao-qiang-dao-saint-laurentzui-xin-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667120911631&bpp=11&bdt=1738&idt=593&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=1253511197404&frm=23&ife=1&pv=1&ga_vid=2011282796.1667120912&ga_sid=1667120912&ga_hid=2107020429&ga_fc=0&ga_cid=amp-xsJp22PgIWWqIlQkeD2sxw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=116132446&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775017%2C44776449&oid=2&pvsid=892672002309594&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uhcmtbqt0l9l&fsb=1&dtd=615
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvaG90c3R1ZmYtb3UteWFuZy16aS1tZWktaHVhLXRvbmcta3VhbmctbmktbmktYmktbnVvLW51by1zaGktbWFvLXFpYW5nLWRhby1zYWludC1sYXVyZW50enVpLXhpbi1iYW8uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22d5bbeee138b90f8c816dc3bc47fbd3.safeframe.googlesyndication.com
233dbc799b6c97eb435d7e4f0d893258.safeframe.googlesyndication.com
3bbcfd225afbb2010c357ba4f90a0a1f.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bidder.criteo.com
c.bing.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-7042014433843010914.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
eus.rubiconproject.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
p.rfihub.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
um.simpli.fi
us-u.openx.net
www.google-analytics.com
x.bidswitch.net
x.yieldlift.com
103.229.10.171
103.229.206.241
103.254.153.160
104.16.86.20
104.17.25.14
104.18.101.194
104.18.12.76
104.18.13.76
104.18.18.126
104.18.19.126
104.211.156.162
104.254.151.69
124.146.215.43
13.107.21.200
13.107.42.14
13.225.103.27
13.225.103.38
13.225.103.63
13.76.45.37
139.5.84.243
139.99.49.250
142.250.4.132
142.250.4.154
142.251.10.132
142.251.10.155
142.251.10.94
142.251.10.97
142.251.12.105
142.251.12.149
142.251.12.155
142.251.12.157
145.40.89.200
151.101.129.108
151.101.130.49
172.67.71.254
172.67.72.16
18.136.168.236
18.177.60.42
18.66.147.106
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.31.5.52
20.212.157.225
202.131.200.84
202.232.238.37
23.195.152.23
23.195.153.54
23.36.252.26
23.72.44.196
23.9.185.218
34.107.148.139
34.111.151.213
34.98.64.218
35.213.117.18
35.213.12.39
35.71.131.137
42.99.140.144
42.99.140.161
42.99.140.201
44.233.47.176
50.116.239.135
52.193.151.12
52.220.190.140
52.223.2.229
52.46.128.147
52.74.13.196
54.185.220.99
54.228.225.243
54.251.183.128
54.86.208.230
64.120.88.131
69.16.175.10
69.173.158.64
69.173.158.65
69.174.120.110
74.125.200.113
74.125.24.155
74.125.24.157
74.125.24.95
74.125.68.155
84.17.37.44
00739a0fe69062031752c75b75b308311ea009b35c9450fb4ce5f7ea22bf1e33
013e0e57d67748264684029e3a513686ac0f259be54313b37cfd9f2662acedbf
02b05f1317c1890e72e2fa3990704371ae45dff00c861b84ae8afd0b5915cde8
02ca71e42807ca4edcd88f4df36fb382ca31abaa167e961b5d8821b90df84753
02d0925c68229d0bd98f3af1e09778e698509326d301c8dfce35d764c4624cf3
02dcde77543120bc35b625b94c080f9be268af328c81fef34454a181caa8322d
046c4196ba90f3fdd62ac6a79afe297e49c52e6ca2affa036cc05734a5a9e57b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0861bbf90cfc85cd0e3a2048daf0888529de37055055bfee84eebf16a40bff6f
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b438028bfa67d4d8e510277da5d2ef09e44259275b785306daa0194ec33eaa8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
1015b52f3adc6a317d7cb0d123b45eb32ef3cc33289e122d7b31fd04dcaa1398
1035c75a5a67d1948d8f3522704f1d1c312495d4f8a23d83f27cea00630ecd7e
10dbcc9899f52c4f2a795c011ece789a1f42fe6cff023fd6e99992d09503e68f
11500ad29834b77c9418c6bf4675aebeaeb0134175d3efac013eb934775c15f9
11c6433ab25d057157166511f56031c32b06c839f8d513ea71a603d6c407b981
1235a29955a58c7ab1047cdc7b7a605ea49a58a0a0e96242f3fc4b209cd2b72d
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
17511bad9e9a09c95561ec288f9624777fd314e726d1957f45b2ea4870414d89
18f0136590b2edd53cf0e84b02d9925dee208b74c5797d979be6dea7654cdfc3
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1f862141d2336789cbacadb661c275a7b33a8023709266a1d9e7babe26223467
216e74d3380039780456b15f952e178b66899439035f4dcd97af8dcbaeeb665f
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
250c1b604fa7be74bbbe3e710ec2cc93a0ad73e5abcbc2285e614ed3dcc3fa24
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26ba495159fa2fbbcf392078537007714892a5738e18be304a795ec1cc7d03e4
28879ea471ea3d67f6046e731997bb213278fc408859913da3fa73aafb14b8d3
28a0f1d1319f7483825253711f3e997562dbfd9b9a6c5708f5425f45b0c899f1
28e2a2947239f4e8426282e3f7aedbb66ee5eebc059c6ea4baf395df9f20d8df
29c1bacc0c1dce5279effe946670ac84a9a2a143302b7b92af00016b080e50b5
2a739e68776bf599cd8b0377cb761f08570c968705c5628858c1a2a742d4d13b
2d87329328583cde577a8bd57fa210f86a6e48e79311f7c421b1d29594383703
2fdcc086c66d6d46161cc9e2566e3f5d9e33e2abb9c07126383d50931b4751fc
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
3b8510ac1dd6b0e066b605d40a9f8c8922eb42dbc7d7c3d4c5b343f3d7c1f786
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d717f9ac0044a9ce6129aad5d2d8ec583354286ac2ef7756bce192658e36d27
3d889c0fdbe7f03fabc30f2135428f2a7f73a95a36e69e48ce090cd99c2537d0
3d8cf384beb444a90d9fd2b95ecdd4e75b0ceba1f781f58f350a0e223c95870b
3deb24ca4332d5c92047aaf3c11f43bc620b423c98b65c51f262c1cdf90dd343
3f6fac5cb13db69d864d73fadb48ef85f7fb626334d8810b1fc171ecf203610b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40b3d3fb7ba26b8d384cfe8f0749311d6ce7cd9c0e3dced7cca33966a963d126
418175d0a5ca6d9e5ec104c3fe3c47f7587cc23cc7bf0c99468c79f9d9881000
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
476e63a6d29df70d70d6feac80a366865900053a593ee6c2c17f4f2ca426cfbc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bf904cc1ae9008d3198ad892ec4e7f1b0f322cb053a46dc2e901c12ed552814
4c54a7167d8f46db25633861195e63418e352c2901317be7c962edb16325f67c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51320a20116f7c0177e7c3994e087c1c9f0a84eaa3562ef0cd6d2b5a566bd578
533575d8658361553513b2e0c9514b1b6de15968821f80bd32a6f1c56108a8f2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
5b94a487fd57ffa8ae35f70c4c3dd9cba39b41a8ce508f186d89e5070b20dae5
5e47c752756b3a9e250b552647f7097af65a9bc54f1d399dc2423c2ad7fc1b8d
5efd77e8ae1c1ed394c1bb9ce7c0603647a14568b1bb3185f3a9134eac913d05
5fd3b761e0e5ec9cac677e0ac84730bf2129382f084f215b8a4a9eb48cca8184
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6139013c9b03e4e9ca86a7ba3e35d5065f34b91d544d0f0592810f0176debc6f
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6225677bca4055836010f25827a7361b6aaf0cd443fac3032a6b67418e8b0b47
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
6424a50d0985ef9a971939cb454016d912617332f035368042af6724ab6f97c6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66498b3e9157ed0d3313e418512b8f62b2241e16ff131d943b20b41881faecfb
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6df235f3e73733a2e11ec568689cbd8d7833e093fed8f325ab39382d333b5eea
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
6e75207a4e6024551c2a00928d405b67991b3b828f416b707f19f4d993b791fe
6f4bd941c07cb2c617bc15470f5acca9457b6962274c81639745d09eba68d6f5
71a96f7c720bb3051a55f893575c800365cbc2132bb0037a189449705863ab2b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7486f391bc8fe950f051973ae6b6bcda5587c0f2ad5d06b317859f2f18a62683
77dcb0c5eb70decd65ce173b46dd4cde176193779d377856450d2699becd347d
7bc473215d8cce8f525c5753cf5bb139b449d01ce0c2d34f9dc5b72029cfe6bf
7c4b9ea70a95afad778c5588333e1fe46b8eccca216765b88ae329bb224120ca
7d29930e301c98943706a232f813e6b0496357d023d66ce24539ddce2e68d63b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836b73722f6a2d319944c45101f9d7e59f5199932e1c999e328ab4c1ce61b5f5
83afdfb46b46b56ab820dcde57ac11b2e9874d8ede9cad19b7f141ad981f29d7
843e99845494d24995f82240219d6b85e063cc6226cac48026062deb36cfa98b
8440cb7b89dd4722955bab6fc98b3056b0f6a64f51c577950f44d59c36d6c2cb
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
849cb340b3f2d2e47c6cf051cfb9ebdff7f21dd1b6571f243b750c92d963a9aa
8743e9e734f4f887873a92582318c63b455686683b7e5a6715a0396b916d2550
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aa3dd5a11a39ee7b20c24fe0f43a2b2a2e86f7aec5329ee74545f3efb1e0119
8c6a5c04df0e2d77fbdfd9f5eee27037d67e82f26e9a233379b7964e5401146b
8d473f1089faa2ac8827cc21aafe3891998dd10af4ca2011ee05dbdd201e80e6
8e4c70d820fe0f08846c3a7f39a1406a0094ed48b7c3528889d0ddb9c4799337
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910457e169a1a6b06040465dbd7bf591a14560245bf96368d13a1b2665cef4fb
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96803d18b02e0fe76c41fea0e114f438c3a1a6b41c5f85c13fc904567dfe311c
9840d62850a5552523b8bd69c104fc0c39f2a99b4de9a56f96a89c73120f6c68
98dae9a635168059d49a039dba9cb29823cd119d858a1a420c902bcab44b64b0
991e44c88b92c8794f08e6a4e069c6e19c762f7c63ee281a2c2b033add20f3fb
994612319222f44579eb573fc60ddbd75587d6555696574a0b6f920f9b2db0ab
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8f41bcf72d52660a42d61167db039b5d785675c74d57b13ff318143350973f
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9ce1d538ed806f3be2df87a671a35692e58fec4c046f5553aaedd010e12e66ec
9deaec616ab9e72871362b693bbf5c55f738d13bad029f7fc801db46cf4cf98e
9e493857ba8e0f8232ddf47ece4c91e723dec3411d6f9ae9d1b8a38a99ef811d
9efb0aa37b1e1762e239c4d08868749076463d005b10fcd3092ca516c4098354
9fc41cb89aab94e9f21845068f6b44a44b43ef11fcc7824f939bc326c7d4fbac
9fec289372e6d2ae1d0c0cea24a79ddbe14155c69d736ff01f0ac90419f6426f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1ea4a44797127031d35992339df3deab05fb26b6bb79113cdec4d514d41f5ea
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c47bcf82a73a53d2f1514c01c144e59298d29f5ebc75c0bb5499fead4e91d1
a42644d9be6fcf6b7e2a14524b90fa936eeb6661c8d6a33a961bb65f17017791
a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d84919b7f45216b69062bdd79a9f4d1076485c4dc07eccb8ecfea2eb2dcc12
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76a6238b8cdb00c18530747e67fa0d09d32ecf9e57a081b7ab43679e2246216
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a9b53e109c7232f3045fe2df204525df9a166743f8fc0b9285bca0c227168413
ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e
afca1da23761ca1a098b4e7aed2270c09825dc466e174bf9b048b21f9e1ecc6d
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b18fb07562ec8eabce6d1c45556ac337953958dcc0daf1a57e93177051c6cb
b20d90c8336a95de38d2fe3667c3204e793b1bb2356b220e56317281100df3b5
b83788974bc80e54c0039e8e4528876c7180a4f1806ca06e063dad7ff599edd7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc839e2b8061fd18ce70846df02ab475717bec1b85317223b8675ce068c9e238
be3156ab10a60b94de48e7cda3e9657b62d284ff8acb6716aeec6b4981e569be
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c492670963a6d8685b9338a44c896e9d37a5291d2211eb901e153683fecfc851
c4dde9f99a8bb662b12bae6bff32f93e6a0100daab85e51e1cb174b747881b6f
c56bf25f4a67f4343fa5f163ff65ad7121c606a05c13963f41aaf18e471cddb1
c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c99db983f19714dd171b9f00a8cb46537142bc202716238733332f2212e94a30
c9cb17ca4fbfd88bfb56bf96fef42c80e02a43beba78908fa027bae6fa7f903b
cb74fa4900354f69b279fe0c594ccedb4d8ec70568f7a59e04e0d5acc12b8df8
cbff71b9cab298de1d2b36ee8c6bc30d986323950c564d6399408fa838ecfacf
cd247b5b6412f4a83d6be7f1addf05635b26635e6a6ffb3db69b95fe940c4917
ce3df553e2adedd420d3d416dc241aa6c5fc98fdf181e7d50bc35b07e509c7bf
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e164b2aad13c6720e4136f4bb289e957324e570d474f6bed98445d075d4523
d37b6441dc4049f8fe981972f64903aa46280708aa7f2c4465b447df78459f5f
d3a64559251d22e177481e823ab195125df6201e95b60354faf5fad87afea386
d5c9206498167ae367183280cca00fded1c302326686b204c2abeada05d88e27
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dba93323689cff5411c64ff0756958c6ccb41d970f9b017a4bc76a38954d0e4b
dd5f747fd5f3e8b95ee6d2d66576e30e5daef7c24007c93de23eeea544ee8d2f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14d7a3f81c1b07c43bb868b6a6f5c0b6400ce7f56c919f7ebdb65e5ed7104a1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50585f1f8ba96a3e0141113d447927d79a13fb9fdec396a22d39234731ba4cd
e5350173a6a42d5440f01475cdd5450346873e913280d9a429079c96df993eb3
e58bb65e5ce1a00715d3571d44cf9040e3f2cc2bc2f6eae3e2caa25607fb0d50
e733a5425d1408ee7574730bd0d7f2d7ad1b8aab65c7caf090480bab275f22a1
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ead8480cc07a7ab8bffc52dbfd3ea8c825d5b451d29f0eac8e4d2dd4a8b90ae6
eb8304092bddb1608d9d661895bc22294ed02b1c2ebf3836be696ecaaf5e84dc
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eca37871db74e9bfe2f151b95a17fe2d97f240c7db8300c9e2ad200772d383cf
ecfd41d571131ee6a3645928e532a429c7df85cb0dd8e78061ab4b5a1ca65f5b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2164a3211cc8cb0f494c8925129fdc89f1acdc7fd35419de169c3415801c499
f37313be4c9b0aa8e82ddccb1e068330ad4cd20d66fd997551dbf845bfbc21fb
f4f6c9b6754e1219f95320b5a3fc2b6dd83495cdf02ee86d7b00316fdf0f60cc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
fd3214f17ddc3e26627a49a114528ef4964325dce904a739a7d15b8668c98c7a
fd6718dfbc1923fc97d8e7b451aba19807cd323c1d4cc60d01ed92a2dfbb528b
fee4affdb3a01482848e0bf5da6a12a2c8944473d7e0eab08663fd04a3621e2a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1