urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji....
Submission: On October 01 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 9 countries across 90 domains to perform 429 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 601985.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 172.217.194.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
27 104.26.3.91 13335 (CLOUDFLAR...)
1 48 142.251.12.155 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
13 74.125.24.157 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
9 142.251.12.156 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
3 142.251.12.113 15169 (GOOGLE)
1 104.16.89.20 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 12 35.244.159.8 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
1 13.228.253.200 16509 (AMAZON-02)
3 51.79.234.101 16276 (OVH)
2 3.114.61.6 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 23.50.119.72 16625 (AKAMAI-AS)
2 104.18.19.126 13335 (CLOUDFLAR...)
3 145.40.88.5 54825 (PACKET)
1 52.41.101.164 16509 (AMAZON-02)
4 34.253.177.61 16509 (AMAZON-02)
1 35.213.57.6 15169 (GOOGLE)
3 7 104.254.151.68 29990 (ASN-APPNEX)
3 103.229.10.211 16509 (AMAZON-02)
4 142.251.10.154 15169 (GOOGLE)
2 142.250.4.156 15169 (GOOGLE)
1 13.227.254.126 16509 (AMAZON-02)
1 13.227.254.11 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
2 130.211.27.62 15169 (GOOGLE)
18 139.99.63.197 16276 (OVH)
10 34.120.110.45 396982 (GOOGLE-CL...)
32 74.125.24.132 15169 (GOOGLE)
4 142.250.4.155 15169 (GOOGLE)
1 13.227.254.91 16509 (AMAZON-02)
2 104.21.91.120 13335 (CLOUDFLAR...)
1 10 172.217.194.106 15169 (GOOGLE)
2 34.120.11.34 396982 (GOOGLE-CL...)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
1 51.83.220.94 16276 (OVH)
8 34 74.125.200.154 15169 (GOOGLE)
3 6 69.173.158.64 26667 (RUBICONPR...)
2 104.19.172.108 13335 (CLOUDFLAR...)
3 4 35.213.12.39 15169 (GOOGLE)
1 34.95.81.88 396982 (GOOGLE-CL...)
2 182.161.73.129 55569 (CRITEO-AS...)
3 8 104.18.18.126 13335 (CLOUDFLAR...)
2 74.125.130.157 15169 (GOOGLE)
1 142.250.4.148 15169 (GOOGLE)
2 2 104.45.178.220 8075 (MICROSOFT...)
4 9 35.71.178.8 16509 (AMAZON-02)
6 6 52.74.13.196 16509 (AMAZON-02)
1 1 54.255.75.208 16509 (AMAZON-02)
1 182.22.24.252 23816 (YAHOO Yah...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 172.217.194.95 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
7 8 15.197.193.217 16509 (AMAZON-02)
1 1 13.115.99.16 16509 (AMAZON-02)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 2 96.17.188.24 16625 (AKAMAI-AS)
1 1 18.179.72.109 16509 (AMAZON-02)
1 1 18.176.15.61 16509 (AMAZON-02)
3 3 124.146.215.52 2514 (INFOSPHER...)
1 202.241.208.3 4694 (IDCF IDC ...)
1 1 35.186.253.211 15169 (GOOGLE)
2 2 70.42.32.95 22075 (AS-OUTBRAIN)
1 1 54.178.150.250 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
3 23.50.118.44 ()
2 23.75.85.227 ()
1 184.51.241.7 ()
1 52.84.45.81 ()
1 151.101.193.108 54113 (FASTLY)
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 ()
1 3 54.255.219.108 16509 (AMAZON-02)
1 3 209.54.182.161 ()
1 13.107.21.200 8068 (MICROSOFT...)
1 1 50.116.239.135 ()
2 2 13.227.254.74 ()
2 184.51.240.213 ()
1 182.161.73.146 ()
1 34.236.45.231 ()
1 54.199.33.212 ()
1 23.106.127.164 ()
1 104.18.12.76 ()
2 151.101.194.49 ()
429 84
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
cdn.ampproject.org
2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com
d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
27    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
48    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
13    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
9    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
adservice.google.com
adservice.google.com.au
1    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
d-24636870792853334319.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    142.251.12.113 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net
www.google-analytics.com
1    104.16.89.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
eu-u.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    13.228.253.200 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-253-200.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
2    3.114.61.6 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    23.50.119.72 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-119-72.deploy.static.akamaitechnologies.com
a.teads.tv
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.41.101.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-101-164.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
4    34.253.177.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    35.213.57.6 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 6.57.213.35.bc.googleusercontent.com
grid.bidswitch.net
7    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com.au
2    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
partner.googleadservices.com
1    13.227.254.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-126.sin52.r.cloudfront.net
adx.holmesmind.com
1    13.227.254.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-11.sin52.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
2    130.211.27.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.27.211.130.bc.googleusercontent.com
win.eskimi.com
18    139.99.63.197 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ns5000585.ip-139-99-63.net
dsp-media.eskimi.com
10    34.120.110.45 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.110.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
32    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
4    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
www.googletagservices.com
1    13.227.254.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-91.sin52.r.cloudfront.net
pxl.qccerttest.com
2    104.21.91.120 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn-europe.eskimi.com
10    172.217.194.106 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f106.1e100.net
www.google.com
2    34.120.11.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.11.120.34.bc.googleusercontent.com
dsp-ap.eskimi.com
2    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
34    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
cm.g.doubleclick.net
6    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    104.19.172.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
4    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com
s-cs.rmp.rakuten.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
8    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
googleads4.g.doubleclick.net
1    142.250.4.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f148.1e100.net
s0.2mdn.net
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
6    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.255.75.208 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    182.22.24.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
8    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    13.115.99.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-99-16.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
2    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
cs.media.net
1    18.179.72.109 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-72-109.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
1    18.176.15.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-15-61.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
3    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    202.241.208.3 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
gdn.socdm.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    54.178.150.250 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-150-250.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
3    23.50.118.44 (None, )

ASN- ()
contextual.media.net
2    23.75.85.227 (None, )

ASN- ()
eus.rubiconproject.com
1    184.51.241.7 (None, )

ASN- ()
js-sec.indexww.com
1    52.84.45.81 (None, )

ASN- ()
public.servenobid.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
3    54.255.219.108 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-219-108.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
2    13.227.254.74 (None, )

ASN- ()
cr-p3.ladsp.com
2    184.51.240.213 (None, )

ASN- ()
ads.pubmatic.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    34.236.45.231 (None, )

ASN- ()
cs.emxdgt.com
1    54.199.33.212 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.164 (None, )

ASN- ()
ssbsync.smartadserver.com
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
2    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
77 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com
d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
898 KB
57 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299
577 KB
34 eskimi.com
win.eskimi.com — Cisco Umbrella Rank: 68897
dsp-media.eskimi.com — Cisco Umbrella Rank: 44698
dsp-trk.eskimi.com — Cisco Umbrella Rank: 39000
cdn-europe.eskimi.com — Cisco Umbrella Rank: 53133
dsp-ap.eskimi.com — Cisco Umbrella Rank: 45758
401 KB
28 bg3.co
www.bg3.co — Cisco Umbrella Rank: 601985
static.bg3.co
653 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
5 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
327 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13577
eu-u.openx.net — Cisco Umbrella Rank: 1805
rtb.openx.net — Cisco Umbrella Rank: 1470
u.openx.net — Cisco Umbrella Rank: 641
us-u.openx.net — Cisco Umbrella Rank: 394
jp-u.openx.net — Cisco Umbrella Rank: 10620
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 14921
e3.adpushup.com — Cisco Umbrella Rank: 16219
aplogger.adpushup.com — Cisco Umbrella Rank: 15729
217 KB
11 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
fastlane.rubiconproject.com — Cisco Umbrella Rank: 465
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
eus.rubiconproject.com
secure-assets.rubiconproject.com Failed
token.rubiconproject.com
24 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 481
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com
dsum.casalemedia.com Failed
8 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 376
4 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 282
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
4 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
4 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 593
secure.adnxs.com Failed
33 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 103730
1 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1147
cs.media.net — Cisco Umbrella Rank: 1341
contextual.media.net
15 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 32100
sync.aralego.com — Cisco Umbrella Rank: 2902
4 KB
5 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 930
x.bidswitch.net — Cisco Umbrella Rank: 288
3 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1671
public.servenobid.com
6 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 728
gum.criteo.com — Cisco Umbrella Rank: 402
dis.criteo.com
1 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1195
gdn.socdm.com — Cisco Umbrella Rank: 128499
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
175 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9124
45 KB
3 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 922
pixel.quantserve.com — Cisco Umbrella Rank: 417
cms.quantserve.com — Cisco Umbrella Rank: 979
11 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 925
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
519 B
2 everesttech.net
sync-tm.everesttech.net
237 B
2 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com Failed
12 KB
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 adsymptotic.com
p.adsymptotic.com
476 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
1 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 532
1 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3447
931 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
57 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
287 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 574
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
1000 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
75 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 663
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15435
11 KB
1 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
1 gumgum.com
g2.gumgum.com
2 KB
1 emxdgt.com
cs.emxdgt.com
67 B
1 turn.com
ad.turn.com
441 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
668 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2886
218 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 15539
514 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 136172
305 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 117608
569 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 112069
402 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 105339
362 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1661
454 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3249
621 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 538
356 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 268
69 KB
1 rakuten.com
s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 36046
275 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9298
458 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 993
551 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 861
679 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 359293
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4130
518 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1254
360 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
2 KB
1 ampproject.net
d-24636870792853334319.ampproject.net
0 creativecdn.com Failed
creativecdn.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 adform.net Failed
c1.adform.net Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 clientgear.com Failed
event.clientgear.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 agkn.com Failed
aa.agkn.com Failed
429 90
Domain Requested by
40 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
www.googletagservices.com
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
34 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
www.bg3.co
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
eb2.3lift.com
u.openx.net
g2.gumgum.com
32 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
pagead2.googlesyndication.com
27 static.bg3.co www.bg3.co
18 dsp-media.eskimi.com googleads.g.doubleclick.net
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
dsp-media.eskimi.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
13 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
10 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
10 dsp-trk.eskimi.com googleads.g.doubleclick.net
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
www.bg3.co
9 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
8 match.adsrvr.org 7 redirects cdn.adpushup.com
g2.gumgum.com
8 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
7 ib.adnxs.com 3 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
7 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 ups.analytics.yahoo.com 6 redirects
6 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 adservice.google.com.au securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 e3.adpushup.com www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 us-u.openx.net 1 redirects u.openx.net
g2.gumgum.com
4 x.bidswitch.net 3 redirects googleads.g.doubleclick.net
g2.gumgum.com
4 pixel.rubiconproject.com 1 redirects googleads.g.doubleclick.net
www.bg3.co
4 www.googletagservices.com googleads.g.doubleclick.net
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
4 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 s.amazon-adsystem.com 1 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
g2.gumgum.com
3 contextual.media.net cdn.adpushup.com
contextual.media.net
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 tg.socdm.com 3 redirects g2.gumgum.com
3 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid.a-mo.net cdn.adpushup.com
www.bg3.co
public.servenobid.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 sync-tm.everesttech.net ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
2 token.rubiconproject.com 2 redirects
2 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects www.bg3.co
2 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
2 b1sync.zemanta.com 2 redirects eb2.3lift.com
contextual.media.net
g2.gumgum.com
2 cs.media.net 1 redirects contextual.media.net
2 mweb.ck.inmobi.com 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 csync.loopme.me googleads.g.doubleclick.net
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
2 sync.search.spotxchange.com 1 redirects googleads.g.doubleclick.net
2 dsp-ap.eskimi.com dsp-media.eskimi.com
2 cdn-europe.eskimi.com googleads.g.doubleclick.net
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
2 win.eskimi.com www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 cs.emxdgt.com contextual.media.net
g2.gumgum.com
1 dis.criteo.com contextual.media.net
1 ad.turn.com 1 redirects
1 c.bing.com eb2.3lift.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 fonts.gstatic.com fonts.googleapis.com
1 y.one.impact-ad.jp 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
1 ds.uncn.jp 1 redirects
1 rtb.openx.net 1 redirects
1 gdn.socdm.com www.bg3.co
1 v9999.adv.admeme.net 1 redirects
1 google.dap.fw-ad.jp 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 cms.quantserve.com 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
1 www.gstatic.com 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
1 fonts.googleapis.com 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
1 trace.mediago.io 1 redirects
1 cksync.yahoo.co.jp googleads.g.doubleclick.net
1 match.sharethrough.com 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 s-cs.rmp.rakuten.com googleads.g.doubleclick.net
1 a4p.adpartner.pro googleads.g.doubleclick.net
1 eu-u.openx.net googleads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adx.holmesmind.com pagead2.googlesyndication.com
1 2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-24636870792853334319.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 image6.pubmatic.com Failed ads.pubmatic.com
0 creativecdn.com Failed g2.gumgum.com
0 sync.mathtag.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
0 sync.1rx.io Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 c1.adform.net Failed ssbsync.smartadserver.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 dpm.demdex.net Failed ssum-sec.casalemedia.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 ap.lijit.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 x.yieldlift.com Failed public.servenobid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 rtb.mfadsrvr.com Failed contextual.media.net
0 event.clientgear.com Failed contextual.media.net
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 secure-assets.rubiconproject.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
0 sync.go.sonobi.com Failed www.bg3.co
public.servenobid.com
0 aa.agkn.com Failed www.bg3.co
429 138

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-14 -
2023-05-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
adpartner.pro
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
*.rmp.rakuten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-28 -
2023-02-17		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-08-05 -
2023-09-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh

This page contains 61 frames:

Primary Page: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Frame ID: 48DDC15B56CB3F4EC30DD7EC39E00CF3
Requests: 109 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7118EF87FA034DF62A98087E7D4B04C8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 203AB055519904BC0F0727DDA222A17A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E086EBD2490845118013DFB12B3B9FF2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 01E61D616DCBD75DC93DFAED39BD5E99
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-818600253368092350&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3086&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=733000222&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&ga_hid=222&dt=1664586830072&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&bdt=2539&dtd=279&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: F77C0CA3C83327EAD18C20BA4CF3E093
Requests: 1 HTTP requests in this frame

Frame: https://2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DF8068AC8201F158BA0141E58F0374B1
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 37B578E2EAE42BF0FAFCE5B4547FA370
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Frame ID: 051EC4004893A9A4C8E917B3655FA399
Requests: 1 HTTP requests in this frame

Frame: https://d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 42A68F429D319B0E0A9DD92872E831DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=ClgprT5Q3Y8HMG9-BvcAPwoqzuASr9MPSaPCfuq7JDMCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGu6bzIA8gBCagDAaoElwJP0B0QhDPYugK_1UiO-BhzLXxUViV6koujbEWZzZqsYs0bmrHnpe02Qqg3RKu0lUEQ52HF65bX-KGaOPKfg_XFoPZSYD8_jS5htzsCDIwCcK7Q1QBEpxQ57NmR3rFOGKxBNJB3P9xpw7xwat4XqL2pCqvtoGesv1yZZZW3xWPi1_ZA_4mANQlN5LpkEgjM09GzuO6-TrQsmogZZND641cWhM_FAT3g6WBmoUTGMoG00DuEdlXleETR9PiMbEJf_l_uplG_nC0N2KREqWkRRQnISWUTgHM2W6TAFZBFoZzz8_VyH2lSmmq2QRk5ZGCTCMiGwmLc2BF2_25_mUHZcLptL13N4_WV9OO_fVSG_hHvTdSkifDX8mCABvzN69bPhdyLjgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=zbbu-_jEeNg&uach_m=[UACH]&cid=CAQSGwCsnQUxxCZOCMlcrNOaLoi_yGXpufUZqpbMzxgBIBM
Frame ID: ECC01742330BE0E20FAAFA4B43295CAD
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C269A9583DDB1AD3E51658E7F4D01A2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B2106BF6BD2748EFC4AE876AF76375B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Frame ID: 06B0B93C5238DE3A1DC028451AE41A6B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82A328724CF2EE1E7F9279AB21CD94B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66D292016CBF6CF5E0761D11E98FEEA3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOIkAEQ0_SyrAIYvt_g0wEwAQ&v=APEucNWaKnVFNcmFNi3hJf4bACFh491-VGnd29TXduykPyBq-NfiNlF4ogzUvFKAQSzBk95r0keUXtADvt8jC7kC-q_YQPiGwA
Frame ID: 83C2E212AB112C9CBF970E62BA1691D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Frame ID: 2C70F1926CA80602D9D338F0E0464203
Requests: 13 HTTP requests in this frame

Frame: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 883B6A87ACB40344D6FE3C8B71B52977
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EFA4A4C03204319FF9CDC13A6E10B91
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AE8408C78BC44606EF0410C03314D82A
Requests: 3 HTTP requests in this frame

Frame: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 62C9C90B88489173DF99E11653609725
Requests: 31 HTTP requests in this frame

Frame: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2DEFEF8A63D42698935545530DBAB61E
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 481ADEF30EFCCFB4F36BE76804DA0EB6
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 56FD6E39C8632A0938684B86E4B2C022
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C67BA6F980441AAB7DEE8644BE7B4060
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10476FB5191DE47A72A51AD33325A23A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69AF1440B9C2488FCB38831967E91E5C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB7FFA1A041764C9F8BCC7BA3834C27F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06D2646FB78507AC371F10C163537F54
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A68A06B58310F15A59BA9FF6D5586B58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B760017521EB3D7CC243116FA1FEA24
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664586831204
Frame ID: D14426B3BB0C1BCEBC306342440D1093
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: FFC0038D40795CBF3A97AEB409146A1E
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 137D61ED72B08D43A05911BBD8B1CEBC
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EF0BA03C88AD751A6EC7C8A2A4456470
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8CADED2119E783303A86F8FC95A175F4
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AFB129F79D61A06D7CD478119D503C10
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 739CB3DC3F88BA51F8107519ADF4DE65
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 01FD4DB3A0BA77F2E5DBFEA90959C22F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Frame ID: 69C3478F018F1E3CC6C2A6A26F143932
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CC201F1C4724580C17913F1860C7D6BC
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Frame ID: 9668999D597ECE589F460BCBC088B0C8
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Drkt%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%7Buserid%7D
Frame ID: 883A91AFC659A56DA5EC550FC372914A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dpba%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3DPM_UID
Frame ID: EF8039132EBC7F0F38A68E45BF421A20
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 2F1A835E4E69E33188FBF6B251731651
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9EC182740D9ABF95A867B4D8B71A53AF
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 1D965EB72CC991A414A9BB462F806E34
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 01417CA29D2568842C9F9BF6BBE51F7C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 44F26F8E011CFA2FB7F3B612169E163A
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Frame ID: E4A75E65938043FFA2B14311B33954FE
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Frame ID: A9E84A3548F2430E8D4F7450FA0734A2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 3EF3BF92D6C414E616DE5B6EE61479AA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9iNDhmNjYzOC0wYWI1LTQ5NTYtYjNiOC04NjIwYjYzN2EzYjM=&gdpr=0&gdpr_consent=
Frame ID: 249DF8B63535EAE7565F7128EDD75B34
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: FD7E6078B4BBFB0B307FF0B2CC1103A2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5B858BE42D397AAE407795896F19AEEF
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: BBE776F9B44FED0B870AC72D19D96A3D
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 95E145C8E5101D80D666E9514FC4B422
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 97F569FBEB2CF4F7101DF3AF8EB34D5F
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 0512E0A3FC4F8E4E647E3D1B81203F8B
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: E592476946C6FAB5CFB61FF83B1CD716
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

網友肉搜「條紋正妹」 竟泄密時尚界不能說的顯瘦秘技 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

429
Requests

72 %
HTTPS

0 %
IPv6

90
Domains

138
Subdomains

84
IPs

9
Countries

3745 kB
Transfer

8713 kB
Size

81
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 105
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830546&bpp=11&bdt=1761&idt=721&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=2&ga_vid=356789275.1664586831&ga_sid=1664586831&ga_hid=323566173&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4862&biw=1600&bih=1200&isw=336&ish=280&ifk=1557083246&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531706&oid=2&pvsid=817492877369404&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nh7mbh2p4qa9&btvi=1&fsb=1&dtd=737 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 152
  • https://sync.search.spotxchange.com/partner?adv_id=8855&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8855&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f&__user_check__=1&sync_id=50c7c4f0-4126-11ed-8f56-1e0b86f70507
Request Chain 158
  • https://x.bidswitch.net/sync?dsp_id=364&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30&gdpr=0&gdpr_consent=
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1&C=1
Request Chain 178
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzeUUWU-BsXtuw7mpk8XoQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJXJaWjw2sl13Sq-FqvgpyI&google_cver=1
Request Chain 180
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTQ1NTI4MTI3MDk4MjIyOA%3D%3D
Request Chain 193
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg-ehGM98GjA33bM_lrxstUYWj-yYIPopZzXEOl0-n0TvZCbF8IIBzRUyZBDHW_4ysY5gUHhxvoqshdMMUDR1vK-IINXH_DU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg-ehGM98GjA33bM_lrxstUYWj-yYIPopZzXEOl0-n0TvZCbF8IIBzRUyZBDHW_4ysY5gUHhxvoqshdMMUDR1vK-IINXH_DU
Request Chain 194
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEAkE5I8i6BSdCdj2gXaQ9S8&google_cver=1&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEAkE5I8i6BSdCdj2gXaQ9S8&google_cver=1&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg&google_hm=2--ZvM-0Sw6y60XNjM2ulg==
Request Chain 195
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBiy7eLspl-4Z9VILPuCpoo&google_cver=1&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5Juug HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5Juug&google_gid=CAESEBiy7eLspl-4Z9VILPuCpoo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5Juug
Request Chain 196
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEArEBBAm28PPpojBBsxkbTs&google_cver=1&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il975UM_041N-R3vSgSMKMkM6b1U98IQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEArEBBAm28PPpojBBsxkbTs&google_cver=1&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il975UM_041N-R3vSgSMKMkM6b1U98IQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11UGhtdnVoRTJ1R0ZrWVBnZ2tSUUxjTmRrNjJXbU1zVX5B&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il975UM_041N-R3vSgSMKMkM6b1U98IQ
Request Chain 197
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENffBLMQE4vErqCv47ValAk&google_cver=1&google_push=AZmPxg_0rttykSiK1CPmsjFkafTLnINK1jIFqEe994PugQEKyvSYKE7GeZ4kZKL_ZBVYfYmYbv6ybKsrUs-5tp8SGTgdPWQsmgELzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTRjYjEzOWUtNWM1NC00Yjc3LTkwZDAtMTFhMDljZTc5MTVj&google_push=AZmPxg_0rttykSiK1CPmsjFkafTLnINK1jIFqEe994PugQEKyvSYKE7GeZ4kZKL_ZBVYfYmYbv6ybKsrUs-5tp8SGTgdPWQsmgELzw
Request Chain 199
  • https://trace.mediago.io/cs/google?google_gid=CAESEJ54NswucUSoCLeoBhTEq28&google_cver=1&google_push=AZmPxg8maEwRWFe6i6-FSrnST6p6DV_4ZCrWpeyEI9i1zO_yJLV8CWJO4JiIiGWzJj2R_89dxR7QfNDH8YJ7lazILIt8I_ITO0vF5g8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg8maEwRWFe6i6-FSrnST6p6DV_4ZCrWpeyEI9i1zO_yJLV8CWJO4JiIiGWzJj2R_89dxR7QfNDH8YJ7lazILIt8I_ITO0vF5g8&google_hm=8314b548dc913210255be567e4187628
Request Chain 249
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 268
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEpGT2Slw6jPIQ9FJxx7muM&google_cver=1&google_push=AZmPxg8XKFqAifrEUI2ECzh3HIAd05-ROnLsNgg4BEs0ayu00SPpzK0VM8XUhRJBdZc_9t138Q5WN82_v12uyJnSn-2fjsZVorCYlOzzNfrtPEwVMttNAzph1B2rKhA8nFbsMmxhiUCx1lbIOsfqIxccSSY HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEEpGT2Slw6jPIQ9FJxx7muM&google_cver=1&google_push=AZmPxg8XKFqAifrEUI2ECzh3HIAd05-ROnLsNgg4BEs0ayu00SPpzK0VM8XUhRJBdZc_9t138Q5WN82_v12uyJnSn-2fjsZVorCYlOzzNfrtPEwVMttNAzph1B2rKhA8nFbsMmxhiUCx1lbIOsfqIxccSSY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZhMTJlYTktMDgwMi00NDAxLWIzMjYtZGY0NTlmNTFkOGM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6a12ea9-0802-4401-b326-df459f51d8c6
Request Chain 269
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg_Ca5C6XeNvhqcAfUg8Wpp5JfVm54VsBExh59SBJHyN5ox-RH4fDVJVV9rx4cGsYXI_RooXz7FokVIcvXhht-WdoqSlAzQxKii2j3J_iNpxtn8731Yu4l22Wvb4M4nO5Ztq021EnQeJWus03GKyDZM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg_Ca5C6XeNvhqcAfUg8Wpp5JfVm54VsBExh59SBJHyN5ox-RH4fDVJVV9rx4cGsYXI_RooXz7FokVIcvXhht-WdoqSlAzQxKii2j3J_iNpxtn8731Yu4l22Wvb4M4nO5Ztq021EnQeJWus03GKyDZM
Request Chain 270
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEGpdLdtGd7FJM2FcrVYdjRo&google_cver=1&google_push=AZmPxg92KubA4ASNfhlNxAM5VlwPque6x1uP-qQuGseSiOnynwm-oDUai7m-R5nnvuOvKT3eH38MYrv9jtiS2vmss1L8suj_l2x4GW42LJTx4LlPYu7I8_b_ZWNUYSj3jItXWg2vz00L6Zn7cw4Yl6AeftQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg92KubA4ASNfhlNxAM5VlwPque6x1uP-qQuGseSiOnynwm-oDUai7m-R5nnvuOvKT3eH38MYrv9jtiS2vmss1L8suj_l2x4GW42LJTx4LlPYu7I8_b_ZWNUYSj3jItXWg2vz00L6Zn7cw4Yl6AeftQ
Request Chain 271
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEJEZ33SPkT8pqrnqt7obdi4&google_cver=1&google_push=AZmPxg-Y4RrlIdJGxBiVePIUZCaC4U6wobQpMkebOarz5mWEjdfu_VGItIssUvOetGEri9MnkZsMvJygvLvQ-WW5qx0sEfr3S5IDySGfcGfC-LYScJx_TcKvE1sQhxouTQFJKTcg0l3tkrUC7fRnj2Fami8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Y4RrlIdJGxBiVePIUZCaC4U6wobQpMkebOarz5mWEjdfu_VGItIssUvOetGEri9MnkZsMvJygvLvQ-WW5qx0sEfr3S5IDySGfcGfC-LYScJx_TcKvE1sQhxouTQFJKTcg0l3tkrUC7fRnj2Fami8
Request Chain 272
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIyhIrW4scNHFNBct8AjFIw&google_cver=1&google_push=AZmPxg9ziCmkfv5ELxGKvnG7ZS75bvTHFppw2LQFJiNOk7WQ6E9QqcBfS15IXZQtS43w7pxO_1y8f5CTY72VEKvTP2SzSoGj1goSZYujqWZcZdtUmOU9WQo_PG3mA905-qXXwgqRc_NUcdyu_nyuzFMT_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&mn_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9ziCmkfv5ELxGKvnG7ZS75bvTHFppw2LQFJiNOk7WQ6E9QqcBfS15IXZQtS43w7pxO_1y8f5CTY72VEKvTP2SzSoGj1goSZYujqWZcZdtUmOU9WQo_PG3mA905-qXXwgqRc_NUcdyu_nyuzFMT_A&gdpr=&gdpr_consent=
Request Chain 273
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEONtbqTA-6CSW83a2jPYqY0&google_cver=1&google_push=AZmPxg-5J_5vJ8167bI3X4VtbIwoNMZA4z4oBDIu2Zv4Tz7gkp7zibFEg7ZVAOFRujQFG6FmFecWkUljrnsbtzi7xSW2Qk9i8WgAejhJYrF_ZwyDdVUjfX48JlhFR2FuWrYEQdOQ5gwq1vDhvjE80rC4-i63 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg-5J_5vJ8167bI3X4VtbIwoNMZA4z4oBDIu2Zv4Tz7gkp7zibFEg7ZVAOFRujQFG6FmFecWkUljrnsbtzi7xSW2Qk9i8WgAejhJYrF_ZwyDdVUjfX48JlhFR2FuWrYEQdOQ5gwq1vDhvjE80rC4-i63&google_hm=Njk3YjVmNjctZDcyZC0zMjk4LTg1YTUtNTI3YzA3NzU1YTUy
Request Chain 276
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEC041LUVOpMU1zJPCQZaI9k&google_cver=1&google_push=AZmPxg9ptbT8UnIjZjvUNZYuAniYWt9WDTDk4EZlL0TeTbUzMrRxBEDGbfeqX_AOTT5_DPLKMIJIXonV9UkA31lMpe2oFZ2Jcsg_qg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9ptbT8UnIjZjvUNZYuAniYWt9WDTDk4EZlL0TeTbUzMrRxBEDGbfeqX_AOTT5_DPLKMIJIXonV9UkA31lMpe2oFZ2Jcsg_qg
Request Chain 277
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1&google_push=AZmPxg9a0iS0zzxHjQ61QSJRQwUcB7kJJ_pLKPyy_immA3Rc26Ie9X3gRLfO8W-QMi07Aj2xr80r319MYbwMtKmhVvXwwtmNQvB33A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXplVVZNQ284WVFBQUxYc0Vxa0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1
Request Chain 278
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDmH9KhP_0eUUqA3Yl8u6QE&google_cver=1&google_push=AZmPxg_niSAYpVxjcZ14OGf1y7lMHEeOnUgfLNOdYgciVVTBbdu4DRNuZt2JPsNhQYIs0LsLeUh1P2XcxsTomYCOo2mTQ5O7wM4qaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_niSAYpVxjcZ14OGf1y7lMHEeOnUgfLNOdYgciVVTBbdu4DRNuZt2JPsNhQYIs0LsLeUh1P2XcxsTomYCOo2mTQ5O7wM4qaw&google_hm=jtyrwZIOz8QzuUSTrxPGjQ==
Request Chain 279
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEApL8yAQTaF_0U_NhqjMoVI&google_cver=1&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEfAZlhrO3OZCUE-NjlQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEApL8yAQTaF_0U_NhqjMoVI&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEfAZlhrO3OZCUE-NjlQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEfAZlhrO3OZCUE-NjlQ&google_hm=Mko4V0M2cmNMNV9wbnNYbFIzQ20=
Request Chain 280
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIyLThu6lbhdX6vy3OpcEDA&google_cver=1&google_push=AZmPxg_tNOsUgUcZzroe_rEHwYYe8FQGaMgxpjE1ZiKGs79IoFWgPd9CuWaOK-IUo-_UfCb8Zn-jde8KsRXBZySCQ7DEP7ekt_FVLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_tNOsUgUcZzroe_rEHwYYe8FQGaMgxpjE1ZiKGs79IoFWgPd9CuWaOK-IUo-_UfCb8Zn-jde8KsRXBZySCQ7DEP7ekt_FVLw&google_hm=Af771BZG2kXKjAF0dtkWUys
Request Chain 281
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMoO1IAUg2TpdvLiL0Wjhw8&google_cver=1&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4An39_fWjZ1e4hUdjjCp5D0vBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4An39_fWjZ1e4hUdjjCp5D0vBA&google_hm=WXplVVZNQ284WVVBQU1tNkxpTUFBQUFB
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=955dcabf-9295-4566-a613-1ea5d3830624&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523293851477180124&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523293851477180124&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=0e5ea6d9-f834-449d-9a31-b686758cbb25&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523293851477180124&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 312
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1---
Request Chain 313
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D955dcabf-9295-4566-a613-1ea5d3830624&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3365%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D955dcabf-9295-4566-a613-1ea5d3830624%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD05NTVkY2FiZi05Mjk1LTQ1NjYtYTYxMy0xZWE1ZDM4MzA2MjQ%253D%26uid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTNmNTAzZC1iYTc5LTNmYzktOGY4Zi03OGU3YjIyOWNiNzcqpAJodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzY1P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MS0tLSZBPTk1NWRjYWJmLTkyOTUtNDU2Ni1hNjEzLTFlYTVkMzgzMDYyNCZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTlwWWk1aFpHNTRjeTVqYjIwdmNISmxZbWxrTDNObGRIVnBaRDlpYVdSa1pYSTlZVzE0Sm5WcFpEMDVOVFZrWTJGaVppMDVNamsxTFRRMU5qWXRZVFl4TXkweFpXRTFaRE00TXpBMk1qUSUzRCZ1aWQ9dWEtMDEzZjUwM2QtYmE3OS0zZmM5LThmOGYtNzhlN2IyMjljYjc3MgESOAE=
Request Chain 314
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=955dcabf-9295-4566-a613-1ea5d3830624 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A&gdpr=0&gdpr_consent=
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c6a12ea9-0802-4401-b326-df459f51d8c6&dongle=0cfd
Request Chain 320
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGGuuez4JpB7fuhLNLXyurg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 322
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D
Request Chain 323
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3197731560771929952153&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3197731560771929952153&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa&_noobservation=1&_expected_cookie=204451f66140539a4d080991bedcccdb
Request Chain 324
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3197731560771929952153&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3Ddbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=681c66064f314273a351bed7aee0feec&ssp=triplelift&bsw_param=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 325
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3197731560771929952153?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8drADilE2oRRSbtInTZBVCMggm4VXqdciKOeRW1F3g--~A&dongle=0883
Request Chain 326
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3197731560771929952153 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3197731560771929952153&dcc=t
Request Chain 328
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=2J8WC6rcL5_pnsXlR3Cm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GJFDQV2DGZZGGTBVL5YG442YNRJDGQ3N&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GJFDQV2DGZZGGTBVL5YG442YNRJDGQ3N
Request Chain 329
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3958530015422089641&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 330
  • https://match.adsrvr.org/track/cmf/openx?oxid=518a21fd-3b88-76ea-d5cd-08247c0afc37&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6a12ea9-0802-4401-b326-df459f51d8c6&ttd_puid=518a21fd-3b88-76ea-d5cd-08247c0afc37&gdpr=0&gdpr_consent=
Request Chain 331
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzeUVMCo8YUAAMm6LiMAAAAA
Request Chain 332
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa68nuPNZuBIks8ADsaW-xUuHM8AAAGDkRtvAQ
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXwxKWBUZKXwY9G_P5alg8&google_cver=1
Request Chain 345
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dapx%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=apx&refUrl=&vid=45868378503075884366821446000V10&ovsid=5395455281270982228
Request Chain 346
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dopx%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3075884366821446000V10&type=opx&refUrl=&vid=45868378503075884366821446000V10&ovsid=99a64862-9088-4c0a-b682-764acee56eeb
Request Chain 347
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dmma%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=mma&refUrl=&vid=45868378503075884366821446000V10&ovsid=2d586337-9456-4200-87db-9d514c7b31d6
Request Chain 348
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dr1%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dr1%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%5BRX_UUID%5D&cb=1664586838343 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3704468924 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c6a12ea9-0802-4401-b326-df459f51d8c6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
Request Chain 349
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=dxu&refUrl=&vid=45868378503075884366821446000V10&ovsid=Re5EDc1x1OEr4O5
Request Chain 351
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96
Request Chain 352
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dzem%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=2J8WC6rcL5_pnsXlR3Cm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJSJI4FOQZWOJRUYNK7OBXHGWDMKIZUG3JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DKOBWHAZTOOBVGAZTANZVHA4DIMZWGY4DEMJUGQ3DAMBQKYYTAJTWONUWIPJTGA3TKOBYGQZTMNRYGIYTINBWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJSJI4FOQZWOJRUYNK7OBXHGWDMKIZUG3JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DKOBWHAZTOOBVGAZTANZVHA4DIMZWGY4DEMJUGQ3DAMBQKYYTAJTWONUWIPJTGA3TKOBYGQZTMNRYGIYTINBWGAYDAVRRGA
Request Chain 355
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6a12ea9-0802-4401-b326-df459f51d8c6
Request Chain 357
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HR6Jgn4qsdcjCIkk0cistw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4219349577304337726
Request Chain 358
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HPk7ptGbRhq7wcXFykBiKQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HPk7ptGbRhq7wcXFykBiKQ
Request Chain 359
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8P80RCH-J-KIWN
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHn7SkjO2ICikmVmnxgUmuc&google_cver=1
Request Chain 361
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQODBSQ0gtSi1LSVdO
Request Chain 362
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=&expires=30
Request Chain 364
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2M3YmRhYjkzNWJjOTNjMWE0MGViNGYwY2M3YTRkODg2ZGU5ZWQzNQ
Request Chain 373
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1YN-
Request Chain 374
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5395455281270982228
Request Chain 375
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 376
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Request Chain 378
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664586838343 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=696867815 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c6a12ea9-0802-4401-b326-df459f51d8c6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
Request Chain 381
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F2997%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D955dcabf-9295-4566-a613-1ea5d3830624%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/2997?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=955dcabf-9295-4566-a613-1ea5d3830624&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=5395455281270982228
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
Request Chain 383
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTNmNTAzZC1iYTc5LTNmYzktOGY4Zi03OGU3YjIyOWNiNzcqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMDEzZjUwM2QtYmE3OS0zZmM5LThmOGYtNzhlN2IyMjljYjc3MgESOAE=
Request Chain 384
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
Request Chain 385
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6a12ea9-0802-4401-b326-df459f51d8c6&expiration=1667178838&gdpr=0&gdpr_consent=
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE2uDi9piVLW6huH_z5VE24&google_cver=1
Request Chain 389
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3958530015422089641
Request Chain 390
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e912d065-1c79-967a-9863c063
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc8e6337-9456-4200-9cde-6c4d6760c400
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE2uDi9piVLW6huH_z5VE24&google_cver=1
Request Chain 399
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5395455281270982228
Request Chain 400
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3958530015422089641
Request Chain 404
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=

429 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
www.bg3.co/a/ 		58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7d9e178f64b1fefcd3b22e04e951b374db2cdd9cabff6ffade1038c6f37fd25a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 01 Oct 2022 01:13:47 GMT
ETag
"e9cc-6mkpZ1S3KO40zqGvr5wEzLdAxzg"
Expires
Sat, 01 Oct 2022 02:13:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 01:13:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72501
x-xss-protection
0
server
sffe
etag
"b0a9bc3cc165f0cd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 01:13:48 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 01:13:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"b2cba6000b3c8a65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 01:13:48 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 01:13:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7571
x-xss-protection
0
server
sffe
etag
"87d590c66fd5781f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 01:13:48 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 01:13:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31967
x-xss-protection
0
server
sffe
etag
"dfda97fe2a1b5ffc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 01:13:48 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:48 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS%2BgdS6vmZBp%2FrLD0RzpgXt%2FvQvZ2vu%2BbndPMc4EQ2Sm2kETqNOitG0HZSGYUdvvgcZoGI9Lqc%2BwUFXEfKHtdSF9zzwmrKOrI%2F8Sg2UaotcoUgGzuixZTi7Yr4f2McWjzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7531567ecabfa898-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:48 GMT
content-encoding
br
last-modified
Fri, 30 Sep 2022 07:00:34 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-length
9571
expires
Sat, 01 Oct 2022 02:13:48 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
c0eef3f02520787922a61b1cf8b5144068461152c524d4f1a34531df210d3987

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:48 GMT
content-encoding
br
last-modified
Fri, 30 Sep 2022 18:03:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
x-cf-geodata
AU
content-length
105270
expires
Sat, 01 Oct 2022 02:13:48 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:48 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1664586828.dop037.la3.t,1664586828.cds201.la3.hn,1664586828.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
aa966408d166f1316889f2b230ee921f.jpg
static.bg3.co/imgs/202105/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/aa966408d166f1316889f2b230ee921f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2c46e3668e6cd22cd4abbf6ea68b87d62f199a6379ee28641dc55af620a643

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AA966408D166F1316889F2B230EE921F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WD0KU%2FSF%2B3mKzIK3YmK06fWhj80rzlEc9kXgEgTL1MidIsG9n6qtkIEAPnmdcTwf%2FUaAJY6JP0qrSCbosX12gQwuq%2FFCj1975U74VzdHe%2FOpcdX5wQM6eze73W2Mek%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803dbba894-SYD
content-length
87117
expires
Sat, 08 Oct 2022 01:13:49 GMT
991a05d005cc5b0e33cc4785ce51c28e.jpg
static.bg3.co/imgs/202105/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/991a05d005cc5b0e33cc4785ce51c28e.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed901d75311cc889034ef4ae95dd40c1cc35b5f11bfb8ca654ab70fb56f786ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"991A05D005CC5B0E33CC4785CE51C28E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLYQF%2BNVlnNXalPaWFG1RN9o%2B0dmslZ3edc6yOsLtu9E5XO3GZ%2Bq8W5UQcpyQ2vMt9F%2FPEGXR7f%2B%2Bz%2FqBDY210y90jBmzBfR%2FTLmgjM2SEMLRGiorG6wq9tY4DPWans%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803dbda894-SYD
content-length
89022
expires
Sat, 08 Oct 2022 01:13:49 GMT
57d6a63c8effcbb63833457ba7172d23.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/57d6a63c8effcbb63833457ba7172d23.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf91b096068036c98f1b7792e0aaccb98820c3f73c3fbb14443ce84a2f80c8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 11:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57D6A63C8EFFCBB63833457BA7172D23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FqaokNCOZ3JfasfE9JSPVJqCPdikBtVsMS6Uici4ilgjvsv16lbmXgeDlzfFV0iyiO127G25aLKtfUzJoFw0WRzXuLjJxUc3BpHJGoTBmQ3NAiNPf1yTY%2Fcp%2FRqj8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803dc0a894-SYD
content-length
7442
expires
Sat, 08 Oct 2022 01:13:49 GMT
0d1062ed05bb7cb93deb8ebba3c16a47.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0d1062ed05bb7cb93deb8ebba3c16a47.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ac039b287b2cabdac124621645ffd2d2437c638881ed2c403f10cd40715fc5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 09:42:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0D1062ED05BB7CB93DEB8EBBA3C16A47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsdLf40Gtg%2FNfCC44paZlPTKeEEWcI3bVrCOj9qknhzQLUCFeFaJIa2P7S2DVXIH25DlpFfAaDBQDtbiCxq%2F0dUdEKrFCtzuDTWRpTIpbYtYjQE3SK%2Bku8DlV%2BhbTRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803dbea894-SYD
content-length
7350
expires
Sat, 08 Oct 2022 01:13:49 GMT
b8d17c9d52dcfc694f876eb175698d39.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b8d17c9d52dcfc694f876eb175698d39.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e1fbf912c7b086e2fe8e3dd88eb1b7193f79b032a66d15825826b435dd80e7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 08:29:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B8D17C9D52DCFC694F876EB175698D39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFv7q5pVAxtvoChKjIB%2Bqp5PnVwtO0vUkp9te3pKNV4iOCydGQwJoGle5aqYWW1FiIy%2Fg1ifW7bHC%2BDYrsRrwY4oopy0pXh4scySjwnVBNt%2B60vfGBZoBQkvV%2BiVpC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce41a894-SYD
content-length
8271
expires
Sat, 08 Oct 2022 01:13:49 GMT
c8b1362fe38629d5010d4a054098b4fb.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c8b1362fe38629d5010d4a054098b4fb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7773de834a0e52fac022fa6f4ea8de866e281c8ed8a49de41bd4c961d6c0b5d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 00:51:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C8B1362FE38629D5010D4A054098B4FB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3RPZeH93H7kuD9%2BbIfv9d7qvv%2FWcrI20Xzo9xjcwfVUTGRbf5eHz0F7rZuTXxP6ufpfEtu6Tt6fPP%2Fsnb5l8haggAJLuHw1oHgKaaq%2BM6DWXvPe9SzYhiP1EiazOFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803dbfa894-SYD
content-length
6434
expires
Sat, 08 Oct 2022 01:13:49 GMT
36a7a4ead3d2feb7e532eda8668ffa8f.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/36a7a4ead3d2feb7e532eda8668ffa8f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c399e642e5e066b2fdeacc5b919a3c6d9fa667abb34cc20cc4aec91593f4c20

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 17:02:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"36A7A4EAD3D2FEB7E532EDA8668FFA8F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nS%2Bbw42Ra%2BER%2BEtru%2FOPvH3bjLDivEHRphm%2FAZaEc5UH7qAuJCs2EoWmkdo%2BG3AxFgtMWukWPGy%2BU3K8D24joYiaNFjjdGNSvrElEPW0yNHw5qzNimikDpiCxRTWk48%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803db9a894-SYD
content-length
5457
expires
Sat, 08 Oct 2022 01:13:49 GMT
560a0593fbe8f62b24b3d164244a7387.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/560a0593fbe8f62b24b3d164244a7387.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeda47a7454e9e8fe55f17393756a654ba7f211b5266adf06cf3a0f5c577b2be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 12:08:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"560A0593FBE8F62B24B3D164244A7387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djMrocqcb7A50QJBSZllLdiuPhyAlc7uU2bHwQmO34bz%2B6NChDE4zRQuIZFY4HP1Zkhv2NHTHCb%2FKLrNmqfQmtF3QTdQbcTBLjTMN3YkVHoLY3tVkqUyDdm2%2BMeJA3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803db7a894-SYD
content-length
10181
expires
Sat, 08 Oct 2022 01:13:49 GMT
9f8074a4a9ad53563e2e19e3c702efb0.jpg
static.bg3.co/imgs/202203/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/9f8074a4a9ad53563e2e19e3c702efb0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6820594319b3750f83c18f1eefa78ad6421d6795f95a596ea53151abeeba1407

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 04:47:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9F8074A4A9AD53563E2E19E3C702EFB0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmYfguLoa5YyUwKfO2R9XXEZQFoyzuGbltxrL5pUn4mbO6QIeERDgqkVDleePwTWIyIa%2B2KvD6N2G5A%2BceB0kbDlMvxDkFEI8EDBIR2et8RO%2FXnsuyx2sp0vuxcmGSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156803dbaa894-SYD
content-length
5882
expires
Sat, 08 Oct 2022 01:13:49 GMT
f1d3d521de80f86024887e4bfb6680e2.jpg
static.bg3.co/imgs/202105/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f1d3d521de80f86024887e4bfb6680e2.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdfc2ff54ed3cfa7a34be2c2fb1fb9b434bf52a0e9bfec46f3aeca36aaf7e4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F1D3D521DE80F86024887E4BFB6680E2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmXIvUlfyF%2FuX2D3wnuEsESNzaN5KkQ3MIO7Rd8TXH3lEjYv0locWc%2B6ChMzFwZFQR5rASHZvr5aOUESGj0bRiRCCpfZXOiGDH%2Bzz4nRC9Pyyfe%2Bhl8lY2esaAXyKIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce43a894-SYD
content-length
76961
expires
Sat, 08 Oct 2022 01:13:49 GMT
155c777887812e6b62446b21171a9a12.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/155c777887812e6b62446b21171a9a12.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb324446770132841bd9d5d4ea7739429e90f8a76309b8f151f68fb9954a365

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 14:43:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"155C777887812E6B62446B21171A9A12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZANvDsmesiQafg0YHYqU3R%2Frs2Ou%2BOyXu0HOv842J1l5LMmuRuUquCgL0RIFTmNEQAd%2FN8iWb5oLuvWKXTR80%2FgaWR8kNk0HTxCOlDcVrnZsg5ZEXn59XKMSjsIqDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce44a894-SYD
content-length
7885
expires
Sat, 08 Oct 2022 01:13:49 GMT
e9aeadc7e8ee483dae750504c106322b.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e9aeadc7e8ee483dae750504c106322b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9beb8ed84797cade60b4466f6b1f0de9e9960009ac2bd69738b754b4611dd7b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 03:40:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E9AEADC7E8EE483DAE750504C106322B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h12TwX0RP6GHYJNS0pSYN0tkj44JiUJboT9nsC4F5M4D1W1%2FBRUVFxkjw6PZm4GMLfNq1%2Bq4I2K2wh3IckR2Kn2%2BAointDBce5rv7vdYas276bz05adYdYreB3lO%2FD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce45a894-SYD
content-length
5154
expires
Sat, 08 Oct 2022 01:13:49 GMT
03896d0fb1d6a9e201dd4421edaea3cb.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/03896d0fb1d6a9e201dd4421edaea3cb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105dfec55f0198ea8326813e28e6508e516068dffc86b16286a048e11b9fc875

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 01:44:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"03896D0FB1D6A9E201DD4421EDAEA3CB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cOUbtZ%2BYzyLqkzOO63iSzLm35qANh3lWqArZHO3PpeSofAEBdp9q8QDE1Q7Mau7F1V16nN4X42QS0IPknrE6q%2FAgDY7S8daAkL9GMqekgGDri47KbtWQS5kE7FqWDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce47a894-SYD
content-length
5416
expires
Sat, 08 Oct 2022 01:13:49 GMT
db6da0683aa8c2b226017aad7406a135.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/db6da0683aa8c2b226017aad7406a135.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bffdbf4ab69b451ba0e7cec630a0ae243e96a8e2b8279adf51190828a03586dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 10:01:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"DB6DA0683AA8C2B226017AAD7406A135"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRc%2B2u6lsgSpyC%2BG2brHniILJKYAePB6lFGujk%2BlfSyLZgKZtlQKcAevoAarAKgmdEVj%2F3NtuHHSrtIplPRdY5H9m6hade6kkYV3xz1XwHcT7TTERS0lhwC%2BQMIjpRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce49a894-SYD
content-length
6300
expires
Sat, 08 Oct 2022 01:13:49 GMT
2357f840069635e3a169d7dde9c99640.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2357f840069635e3a169d7dde9c99640.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e07846e20c292118f40e47f22d753246fed7577a03734430e63e394e32b2d73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 02:51:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2357F840069635E3A169D7DDE9C99640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lG93uWTLRhAW%2BiHONOvUOpjmA5yfFDtF7NnYJPkbco%2F1673A7RigFI0b7%2BPycZlK%2Fm4HMlWy5OdKdv1ddqfFR36Vjt1nJjniT%2F0FII%2B2who8jWYrPBc6jIkJGrcvW0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce4ba894-SYD
content-length
8795
expires
Sat, 08 Oct 2022 01:13:49 GMT
8c418395191395147a50ad7e2fc48a41.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8c418395191395147a50ad7e2fc48a41.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c10c474ae58019d4fa3f3f656a3832dc7f5a76a23fa54e3db624f71397c967

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 04:46:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8C418395191395147A50AD7E2FC48A41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6h0Ki4BRX38PaTZnaPgcVpewkKX2gcwv1E7Fcrhf%2FIXqHXOoHgZkt%2FqG0LmGh7hiSIIK6w4p0fNXPmOsAr1U0QNARQwo4CwwJchuI7EGU1MyLpYARJK34Hm7OxEa6YA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce4ca894-SYD
content-length
8538
expires
Sat, 08 Oct 2022 01:13:49 GMT
ffd383e1999ea574903aee5e398a96ee.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ffd383e1999ea574903aee5e398a96ee.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73053445bfdbc1c2d26de543df0e97f6465e888413aa2649d506edfbfb6a7bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 00:49:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"FFD383E1999EA574903AEE5E398A96EE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjlSpwHTy8EvTOaAuu52aaJuxDef26CuhQKf%2B9ICqmYFyq4yKup0yNB%2BcIHi8jeVAH0y1KY7g8LHDtN4PAh8CgztKbPZnnsgfWHH0LV3ZZozO7e4P3Im%2B2IZa0qnE34%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce4da894-SYD
content-length
6423
expires
Sat, 08 Oct 2022 01:13:49 GMT
e6bb4f506b2c7275b09199d85dfa50b8.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e6bb4f506b2c7275b09199d85dfa50b8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad9dff0acf2b68fd47990c0df60b42a7d99c0a230d6934313c2fbf8c3d8eca2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 04:35:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E6BB4F506B2C7275B09199D85DFA50B8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLAc0%2BgdvbJQhBxN01nmXR3OA%2Bm1jdtatmE6ZzABxrb1B7okbh9%2FzAqFkNpINbdfOY8ruC%2BMh4Mot6WAM7yBX5V0Ll4%2FPJ14IO0oNjCrM71I0t2yQ7BK8ol3jqYcluY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce4ea894-SYD
content-length
9133
expires
Sat, 08 Oct 2022 01:13:49 GMT
bd14c88cb2511f61c5a887ed3b010194.jpg
static.bg3.co/imgs/202105/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/bd14c88cb2511f61c5a887ed3b010194.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d750371360f5fa8229bb73485b037be6e9932af014cfe2bcd21893d8b5aa176e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"BD14C88CB2511F61C5A887ED3B010194"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9spvx9mK0lK%2BwdQunNFfMfmBFNkz2kO80blSehjj3KCiC6xOWvYKAWMvnHQ43LtJCVXwXIBiUIFY%2B%2FgR7L6%2FV4RjjDHd3Ya1sXph%2BeY6xP25XkxCnz0JN5rCwfuYwlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce4fa894-SYD
content-length
68476
expires
Sat, 08 Oct 2022 01:13:49 GMT
01e93eddcfefaa44ba74f6497d18d990.jpg
static.bg3.co/imgs/202105/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/01e93eddcfefaa44ba74f6497d18d990.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54bd5d6e47d9a75c45b720553258f392a26162a23c8b7dcf0e5db94ce81f68a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"01E93EDDCFEFAA44BA74F6497D18D990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuLgFGtbzrTkM10jEk1fUhyzzoH%2BFIk57aMSNCiomy3OeDMDp9FEKz1oD6ZYT%2BRWvq5nV5YWbakNxeGB1IoQ5e6HrakLewheuSx%2BxVMSpI%2Fxo9ocmsAsJ5hNga7Wolk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce50a894-SYD
content-length
26175
expires
Sat, 08 Oct 2022 01:13:49 GMT
00fb64a88b74904ec1b173eba25b3db4.jpg
static.bg3.co/imgs/202105/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/00fb64a88b74904ec1b173eba25b3db4.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9506584c0060db4aa48f821ebe5129c9b56e1e2dc05b84a4dbdbb8af9ca28506

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"00FB64A88B74904EC1B173EBA25B3DB4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVcipJ1r%2FAS1VDdwxhgc9dZ3XgDiOe6PB2UIEFh03ahOhQU94w58YtgDZM%2BPxX5%2B6nRqRmgSr6NzkQ49jDJwJxAleemm5RYJoOxGla9W%2Bq28lbcDsm%2FtD%2F5gb8lajTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce51a894-SYD
content-length
97129
expires
Sat, 08 Oct 2022 01:13:50 GMT
bdc5f090a762fbc3def10c8f17aa5228.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/bdc5f090a762fbc3def10c8f17aa5228.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b47834ed17c2f39e117d1e26eabf4a798d7e0d42ff65eb3b1a603c95d0e79d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 23:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"BDC5F090A762FBC3DEF10C8F17AA5228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PWDCJ835s24WFO7qdUinO0NyUX4AzqPmHwbf5VetJG2%2B08otaPgzrmz8VCP7k5nU1%2BCT1FJgbd0r9bR1AUercXpdT3PVX0frVTCmq8xs5GGfOdvpJ3JOvY5ffsCaTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce52a894-SYD
content-length
7999
expires
Sat, 08 Oct 2022 01:13:49 GMT
90bcc6372ff0a79ea693abc7fe64d758.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/90bcc6372ff0a79ea693abc7fe64d758.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75613ccb9158158babcdb6ba67a63ba0b8254dbe460492e95411aa11462d26e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 18:13:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"90BCC6372FF0A79EA693ABC7FE64D758"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWWdWv%2FoQCoOmfeN7ukcyQSkU9FEegi%2FhqnetrBPHtxIDgs73KyeF%2FFtYGYDPjU328NnBxfbRVA9p2FwU7EovSc1iri2mho86ctwL8UrroIOwE5APvwLCAG5pNJjXo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce53a894-SYD
content-length
4036
expires
Sat, 08 Oct 2022 01:13:49 GMT
b2336a19ff257cc56794b36f1e2a3844.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b2336a19ff257cc56794b36f1e2a3844.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa2b98f3aa31cdd0ad7a6b838975c84d95ba3b414228a7ce7348c64d6f18e0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 05:21:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B2336A19FF257CC56794B36F1E2A3844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7vrmhFY71yA2vvRfiQBPjm4mHBKJZndtcipH2cQN6ESA%2FnxL3Jsu%2FaZb3PbZOUL9mEs2LlcGOP8%2B1t7PkrPtzbvRJztoRJUqZF9M7P5dFi5d%2FFcuJKvxQkmt6vhrmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce54a894-SYD
content-length
7738
expires
Sat, 08 Oct 2022 01:13:49 GMT
64050f70c3aa81e0ea4349f182141212.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/64050f70c3aa81e0ea4349f182141212.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e67ce92482cbdfbdb9acdae82684b562ff30e11242b8dcc6d20b0d7bf3cf306

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 04:48:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64050F70C3AA81E0EA4349F182141212"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fs3BaOXd8p0ZtaoK4tetmkoMv%2BO4cEfuv9IHBPkrl9iXKpBwv3C2YctmpDVXbFVRqRbk2W6%2BrTNRF8BTBUKqfUD2PPml5qwCDh6vesxXWG%2FthZUSPYAZvyMFilYtWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce55a894-SYD
content-length
8497
expires
Sat, 08 Oct 2022 01:13:49 GMT
5ee4ea6653903a4af1a96798a0680eb0.jpg
static.bg3.co/imgs/202106/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/5ee4ea6653903a4af1a96798a0680eb0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b12b30d12f8ae9c31940170e5c34aa19cc5b13bbe936bd0faeca60451da5af2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 18:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5EE4EA6653903A4AF1A96798A0680EB0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfUmRuowWUy6MhDHj5C1ntuQ%2BVGEW7MWct20APfc0hsqO8664YfcyIjjQ34zJ%2FS%2F8u8f6z%2F%2Fi000qab4BBO8yfWEtLsnbiFtVtn7FHYQFcE1nEOLUFLI6R8KHOsmutc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75315680ce56a894-SYD
content-length
9765
expires
Sat, 08 Oct 2022 01:13:49 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:41 GMT
age
7028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
etag
"ac16e77745c88a40"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:41 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:17:20 GMT
age
6989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
server
sffe
etag
"02cbbdb857ad171c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:17:20 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 02:18:12 GMT
age
82537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23032
x-xss-protection
0
server
sffe
etag
"17406dee48d4bcdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 02:18:12 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
bd268d75b1713c916d922c2b680c1abc348afeb111991f07817c635c3e48bda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527
x-xss-protection
0
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:48 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1664586828.dop037.la3.t,1664586828.cds201.la3.hn,1664586828.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5367
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXtodt8p134D62%2FmDxjoOmGJl2hSJVjLaTyNXTyPQyaRQSnHC2v1woDP6hOlfistyOv%2BCHbmTPudQw94vScCWPdmnES7Zqb9r7JZwScvouH9YhGkVsLUDv886UIgNx4dwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
753156801bf0a898-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4121e8b4569677503b4c4065a4441af103da3df76b21c0c56bf8d6fd002bf243

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:49 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4121e8b4569677503b4c4065a4441af103da3df76b21c0c56bf8d6fd002bf243

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:49 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.09334955373510567&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:49 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.35944525044086495&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:49 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 02:18:12 GMT
age
82537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10253
x-xss-protection
0
server
sffe
etag
"76108468fe259c2d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 02:18:12 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1664586829335
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:49 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Sat, 01 Oct 2022 02:13:49 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:22:44 GMT
age
6665
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57872
x-xss-protection
0
server
sffe
etag
"9dc55ff1bd63fdb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:22:44 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
94168
expires
Sun, 01 Oct 2023 01:13:50 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
317
expires
Sun, 01 Oct 2023 01:13:50 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
17440
expires
Sat, 01 Oct 2022 02:13:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27689
x-xss-protection
0
server
sffe
etag
"1350 / 747 of 1000 / last-modified: 1664575501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Oct 2022 01:13:50 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7118 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
255a1f5cb4c7fd223e47b213c53235491c8aff972bb805b5fa3888b68d90217b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38080
x-xss-protection
0
server
cafe
etag
9964250415634024473
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 01:13:50 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 203A 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
aad7a80ebe40ec04b92a50243556bb837d304deedfafd250cda05e40dd966377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
server
cafe
etag
3200081708087367365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 01:13:50 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQ1ODY4Mjk2NzksInBhY2tldElkIjoiMDAwMEE3MDEtMWNlNzMxMTYtMjk2Yy00NWJiLTk5YjEtZTJiMDU4NGIwODVlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXJvdS1zb3UtdGlhby13ZW4temhlbmctbWVpLWppbmcteGllLW1pLXNoaS1zaGFuZy1qaWUtYnUtbmVuZy1zaHVvLWRlLXhpYW4tc2hvdS1taS1qaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=3790
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQ1ODY4Mjk2ODAsInBhY2tldElkIjoiMDAwMEE3MDEtMWNlNzMxMTYtMjk2Yy00NWJiLTk5YjEtZTJiMDU4NGIwODVlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXJvdS1zb3UtdGlhby13ZW4temhlbmctbWVpLWppbmcteGllLW1pLXNoaS1zaGFuZy1qaWUtYnUtbmVuZy1zaHVvLWRlLXhpYW4tc2hvdS1taS1qaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=3790.600000023842
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ1ODY4Mjk2ODAsInBhY2tldElkIjoiMDAwMEE3MDEtMWNlNzMxMTYtMjk2Yy00NWJiLTk5YjEtZTJiMDU4NGIwODVlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXJvdS1zb3UtdGlhby13ZW4temhlbmctbWVpLWppbmcteGllLW1pLXNoaS1zaGFuZy1qaWUtYnUtbmVuZy1zaHVvLWRlLXhpYW4tc2hvdS1taS1qaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=3790.899999976158
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ1ODY4Mjk2ODQsInBhY2tldElkIjoiMDAwMEE3MDEtMWNlNzMxMTYtMjk2Yy00NWJiLTk5YjEtZTJiMDU4NGIwODVlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXJvdS1zb3UtdGlhby13ZW4temhlbmctbWVpLWppbmcteGllLW1pLXNoaS1zaGFuZy1qaWUtYnUtbmVuZy1zaHVvLWRlLXhpYW4tc2hvdS1taS1qaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=3795.2999999523163
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ1ODY4Mjk2ODcsInBhY2tldElkIjoiMDAwMEE3MDEtMWNlNzMxMTYtMjk2Yy00NWJiLTk5YjEtZTJiMDU4NGIwODVlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXJvdS1zb3UtdGlhby13ZW4temhlbmctbWVpLWppbmcteGllLW1pLXNoaS1zaGFuZy1qaWUtYnUtbmVuZy1zaHVvLWRlLXhpYW4tc2hvdS1taS1qaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=3797.899999976158
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gtag.json
cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:23 GMT
age
7046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"4d194710e2f2f90c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:23 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-24636870792853334319.ampproject.net/2209142312000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-24636870792853334319.ampproject.net/2209142312000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E086 		714 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
753156868fe8aad8-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 01:13:49 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2jL9OC5qMZjeTqMUfg1hbPexXiFpcNldscu%2FKg7Tb%2BybrX3xOHwf7upWHWYFMqDTA0w0qO%2BTqFtIl2jqODdVOo6iyYCAuen9AYCLWkdpSywOIFJOekGdfs7HljjvSVcZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:49 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E086 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27689
x-xss-protection
0
server
sffe
etag
"1350 / 444 of 1000 / last-modified: 1664575501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Oct 2022 01:13:50 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 01E6 		714 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7531568748f4aad8-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 01:13:49 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB%2Bntz%2FJOEocP%2FKavUDb%2FSSZHJlIzT%2FY9r0J5csoI1p2C8rYj7bOwraYQoreoLA0KEaTJtedH04rQ62TU8KerzAd3buL%2FL2rXYQb%2F80%2FuPtRtt5zgW2u9Nv1ZNlA2waEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 01E6 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27689
x-xss-protection
0
server
sffe
etag
"1350 / 465 of 1000 / last-modified: 1664575501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Oct 2022 01:13:50 GMT
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 10:41:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 01 Oct 2022 01:13:50 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%B6%B2%E5%8F%8B%E8%82%89%E6%90%9C%E3%80%8C%E6%A2%9D%E7%B4%8B%E6%AD%A3%E5%A6%B9%E3%80%8D%E3%80%80%E7%AB%9F%E6%B3%84%E5%AF%86%E6%99%82%E5%B0%9A%E7%95%8C%E4%B8%8D%E8%83%BD%E8%AA%AA%E7%9A%84%E9%A1%AF%E7%98%A6%E7%A7%98%E6%8A%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-KMocftX73XaSzkGdL3TqTQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8770584312256748&gjid=0.2057215760509541&_r=1&a=222&z=0.6755431261203952&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/ Frame 203A 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
6cd20faa6b79076a112723c1b80050c940ed0a9cfecc3e7211f859da4cde13ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125814
x-xss-protection
0
server
cafe
etag
5440943545557203148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 01:13:50 GMT
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/ Frame E086 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 10:41:49 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame 7118 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
b34ca125b103667aef16c2cee63d626f7447b963dfd0bf2ef2e14ecd397a4e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125660
x-xss-protection
0
server
cafe
etag
11533086463324847965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 01:13:50 GMT
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/ Frame 01E6 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 10:41:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F77C 		603 B
626 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-818600253368092350&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3086&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=733000222&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&ga_hid=222&dt=1664586830072&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&bdt=2539&dtd=279&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:51 GMT
expires
Sat, 01 Oct 2022 01:13:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221001
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bca3139bc826b63a52c2f28b1650324d5ec1d09b38e90570c74f94ae87de9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36765
x-jsd-version
1.0.1479
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4541-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-Do8HjAt3pxrrXCdwF7oD/629uEM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42i%2FXrsG3KnHd4uB5ZDFzvX8oDflo1EQ1pHF3nSp40ZBhY8o4zUTJXO6hiOMt7%2FEGQQfKd7bPgxSCICIKE16Y3lZol9w3oyelYiIuZWVf%2BgLxMN2LcZ9eqe0cJ1RSwTGUjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7531568cdc13a86b-SYD
prebid
prebid.media.net/rtb/ 		1 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b8d3f26bd33f85365bc9971e562b95eca5e66fdf72e50ddd3a8209c5e59a1dc4

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
115
alt-svc
clear
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1d122567-534f-4ca4-840c-71cf3b42ee3e%2C24b0c0eb-af7a-4d6d-8409-a4db1b6ea71b%2Cc2d4aebb-48f2-4706-9e97-1af2b9d358cf&nocache=1664586830627&pubcid=82261ea4-920f-491d-8f1b-c0cc182dcfca&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d105a42bdc4d4365aeee2ff0486a77329b5922039d4ffd4b9c893a0f0848ae2c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5366b692-3237-4d30-9b44-fbd34d5c2816&nocache=1664586830628&pubcid=82261ea4-920f-491d-8f1b-c0cc182dcfca&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7775e94e-f372-4785-b603-f0c5a3a092bc&nocache=1664586830628&pubcid=82261ea4-920f-491d-8f1b-c0cc182dcfca&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c0d4f559-72ef-4eea-8537-9e78b260ab4b&nocache=1664586830628&pubcid=82261ea4-920f-491d-8f1b-c0cc182dcfca&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:50 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=70171524896
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.253.200 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-253-200.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:51 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4992a548b2d961eda56b7a94690bd49f28c0909fd56b6af88439160f006d035b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
8d0b211d66fb806fa7eff17d03d6bc0ec896c8c19d1ab027adadd17b97e2c7e4

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=82261ea4-920f-491d-8f1b-c0cc182dcfca%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=a9a8cd09-c860-4306-b66f-9b5a95c689f5%3Ba6f15822-d4c7-450d-8667-3046c15ed944%3Bb488ba4c-4b7a-48a4-b6dc-5152d3920965&l_pb_bid_id=33ba1e196b180ce%3B34f8bb09bd18eff%3B35941bcfad7dfc2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.26804624663825116
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fbae8e5eb621267aaae37902746797edd6a1133e2cb534ff44aeb54effb94ce3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:51 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bg3.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
7597
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-119-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 01 Oct 2022 01:13:52 GMT
cygnus
htlb.casalemedia.com/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224025237268c145c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22475de53b5be536f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22508259d460b0769%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2251ec62956c71f7b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2282261ea4-920f-491d-8f1b-c0cc182dcfca%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed23bbc0a746c300db678d655979ba127e089dc6162b8083a6f8c594ba61ec14

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6MYiye%2Fu7sW%2B%2FOUppda3wDfI19eBk75%2FVzAezUyl3ITaQ32LksYO2eZ3sUbDgLuNHWIldHCBlIcWJ%2BQvskI2ey7d35t5HI4cbqPlf0wPOlf%2Fv3g5ZxlXxjH4xl5k7hK6c%2FlCNy8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7531568d2d07558d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%224025237268c145c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22508259d460b0769%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2251ec62956c71f7b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2282261ea4-920f-491d-8f1b-c0cc182dcfca%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed23bbc0a746c300db678d655979ba127e089dc6162b8083a6f8c594ba61ec14

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuJb%2BVUxT3OB9Z9ONDZuzWT5nlYhJVKbd3akVQaU8ZmRfJ7jXeB2IwIr3F8MHa7Kd1cXck0k6QrbBFLdz0hekBv7BQrrArQL%2F24D0LbnTEBS3LbUXS6swb3EPig2K8YNlRzuMTsq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7531568d2d09558d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		584 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
695c709cc50ce4a30f0114e518941b6ff081ef7b9a87bfc49d8c9cbe125478d7

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 01:13:50 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
148
content-length
301
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.101.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-101-164.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
107
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adreq
ads.servenobid.com/ 		704 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=479
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
48a7d4e90449311d990c5d7ad6669211dd384f7d1884494702413e07efd494d8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.57.6 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
6.57.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a1b41d1a4299cb01fcbe4b52ea2548b7a84e09b48ec5de3313ff2f53f67fa15

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 Oct 2022 01:13:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
ib.adnxs.com/ut/v3/ 		33 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
af2bc5fe991e99dc833c79f4a643f6d8d07f74e2ca88fd19c1a7a3cbc00f8b9f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 Oct 2022 01:13:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2679ad2f-f18b-4883-84b4-5c6bee4e59d3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Oct 2022 01:13:51 GMT
integrator.js
adservice.google.com.au/adsid/ Frame E086 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E086 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E086 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2171895363441964&correlator=223395686996664&eid=31068501%2C31069634%2C31069837&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664586831243&lmt=1644386353&dlt=1664586829910&idt=1310&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=c05y9a905fje&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1098204648.1664586831&ga_sid=1664586831&ga_hid=1391846567&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d3e8aa035ec1fe93a87d4a9144274d726425cee4f3c699953733959d27b70ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF80 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:51 GMT
expires
Sun, 01 Oct 2023 01:13:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 7118 		379 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ad7fb620c3cfde544312d98aea1ce014a23a3e97b94b38d869d3909ec56e9f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 7118 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7118 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 37B5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-126.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1599
content-length
673
content-type
text/html
date
Sat, 01 Oct 2022 01:01:24 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
x-amz-cf-id
6vCQ3ZCghE3uDVx6s8tIs_Rjw5AgqJCyY8ZlD7Ca3ONQqH2e_58g6A==
x-amz-cf-pop
SIN52-C3
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:51 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 203A 		379 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
28dd6bf4db55dd6e97b1c99a5653917c591a3659d31efc84627428ee0d151fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 203A 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 203A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 051E 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
3d7d803f2497ad4acdf038d55905827dcd676cb2f100eb98180371048d63228a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11754
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:51 GMT
expires
Sat, 01 Oct 2022 01:13:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 01E6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 01E6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 01E6 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1953301433462118&correlator=2364445629613054&eid=31069836%2C31069563&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664586831372&lmt=1644386353&dlt=1664586830025&idt=1339&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=w0dhcdwv0nps&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1631147187.1664586831&ga_sid=1664586831&ga_hid=1316728178&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
f8ffa69bd7aa899e6ecf70df46b31414e23af1442bf1a9d04fc074f88b04f3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42A6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:51 GMT
expires
Sun, 01 Oct 2023 01:13:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:00:10 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
822
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
srqMCqlQN6tBueQ4PcIuvVvPbzgCx-u7TTJIOJBksiqOu1r6CmGpaQ==
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI0NzA2NjhfMTY2NDU4NjgzMTY2NCIsInVzZXJJZCI6Ijg3MDA4N18xNjY0NTg2ODMxNjY1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTI2MTMxXzE2NjQ1ODY4MzE2NjUiLCJwYWdlUGF0aCI6IiUyRmElMkZ3YW5nLXlvdS1yb3Utc291LXRpYW8td2VuLXpoZW5nLW1laS1qaW5nLXhpZS1taS1zaGktc2hhbmctamllLWJ1LW5lbmctc2h1by1kZS14aWFuLXNob3UtbWktamkuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZ3YW5nLXlvdS1yb3Utc291LXRpYW8td2VuLXpoZW5nLW1laS1qaW5nLXhpZS1taS1zaGktc2hhbmctamllLWJ1LW5lbmctc2h1by1kZS14aWFuLXNob3UtbWktamkuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjQ1ODY4MzE2NjV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
server
nginx/1.14.0 (Ubuntu)
L2Evd2FuZy15b3Utcm91LXNvdS10aWFvLXdlbi16aGVuZy1tZWktamluZy14aWUtbWktc2hpLXNoYW5nLWppZS1idS1uZW5nLXNodW8tZGUteGlhbi1zaG91LW1pLWppLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evd2FuZy15b3Utcm91LXNvdS10aWFvLXdlbi16aGVuZy1tZWktamluZy14aWUtbWktc2hpLXNoYW5nLWppZS1idS1uZW5nLXNodW8tZGUteGlhbi1zaG91LW1pLWppLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 01:13:52 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=227
content-length
555
expires
Sat, 01 Oct 2022 02:13:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E086 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
510c4808927486dbb35a2e0f9ad5b3439e55b0ce97bf8142a6b2795b9228a825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11251
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame ECC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClgprT5Q3Y8HMG9-BvcAPwoqzuASr9MPSaPCfuq7JDMCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGu6bzIA8gBCagDAaoElwJP0B0QhDPYugK_1UiO-BhzLXxUViV6koujbEWZzZqsYs0bmrHnpe02Qqg3RKu0lUEQ52HF65bX-KGaOPKfg_XFoPZSYD8_jS5htzsCDIwCcK7Q1QBEpxQ57NmR3rFOGKxBNJB3P9xpw7xwat4XqL2pCqvtoGesv1yZZZW3xWPi1_ZA_4mANQlN5LpkEgjM09GzuO6-TrQsmogZZND641cWhM_FAT3g6WBmoUTGMoG00DuEdlXleETR9PiMbEJf_l_uplG_nC0N2KREqWkRRQnISWUTgHM2W6TAFZBFoZzz8_VyH2lSmmq2QRk5ZGCTCMiGwmLc2BF2_25_mUHZcLptL13N4_WV9OO_fVSG_hHvTdSkifDX8mCABvzN69bPhdyLjgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=zbbu-_jEeNg&uach_m=[UACH]&cid=CAQSGwCsnQUxxCZOCMlcrNOaLoi_yGXpufUZqpbMzxgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 01:13:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 01 Oct 2022 01:13:51 GMT
doubleWin
win.eskimi.com/ Frame ECC0 		43 B
161 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://win.eskimi.com/doubleWin?eid=2&w=EiEKFll6ZVVUd0FJRGVBQ0QwaGRuUVladVEQAhjAre2IuTAYBCCAotfvCiit6_gNMRKDwMqhRcY_QbgehetRuJ4_SKTWqdlAUOaVh-wGWPDZCGDBxDpoAnDYnwKAAQaiARY0Xy03NTc0NTY4MzMyNjU0NjA1ODY3qQEUrkfhehTWP7IBCCACQgJhdUgBwgEgCAIQrev4DRjmlYfsBiABKIszMAU4CFjBxDpoAXABeALKASBmMzRlOTY5OTVkZGYzZmY1ZWIxYmZkZTEzOGNmZTI5Y9gB2f7xna-4we4Z&esc=false&spent=YzeUTwAG5kECD0DfAAzFQkazaBdjTilSGAdF6Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.27.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
style.css
dsp-media.eskimi.com/upload/rich-media-templates/dancing_3d/300x250/ Frame ECC0 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/upload/rich-media-templates/dancing_3d/300x250/style.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
10fa65fcd22b75fb88ca1984bf969187a18a30d31a35f33d23e920019f88976f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Jan 2023 08:54:16 GMT
date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/25/2022 08:54:16
cdn-pullzone
692289
last-modified
Tue, 18 Aug 2020 12:41:29 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5f3bcc79-12c2"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
d9a174f3e4b74bb0620ba19d49f3561b
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cap
dsp-trk.eskimi.com/ Frame ECC0 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/cap?id=4_-7574568332654605867&dc=4&tz=%2B10:00&sgid=17367198500&pid=1837222630&cid=142576&crid=959041
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
ad-choice.min.js
dsp-media.eskimi.com/assets/js/e/ Frame ECC0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
cbf3c064cae2cf267d7cc01cd279cf1adadc1387c3e542b387ac60a8a07bee7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 12:24:48 GMT
date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/26/2022 12:24:48
cdn-pullzone
692289
last-modified
Thu, 02 Sep 2021 14:37:16 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6130e19c-bfe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
15f2878d4c5603330b900b46e1bcdddf
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame ECC0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 00:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 00:53:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame ECC0 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 01:08:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECC0 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 01E6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
dde6d8d1faa1d4ed891757e2eb8aadba0c9033b8dc1cb76504800fe8fd68ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11177
x-xss-protection
0
pixel
pxl.qccerttest.com/ 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1042255303;fpan=1;fpa=P0-1171770421-1664586832014;pbc=82261ea4-920f-491d-8f1b-c0cc182dcfca;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1664586832013;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-91.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 10:38:02 GMT
via
1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN52-C3
age
52551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
A2jeA_ObWNXy8yQ96yQHhR2a9ww9Q4pXHhkBVK1Wc5QJkcNuTSDNeQ==
pixel;r=351778270;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html;uh=e51ed67dfb8d91dc24b...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=351778270;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1171770421-1664586832014;pbc=82261ea4-920f-491d-8f1b-c0cc182dcfca;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1664586832016;tzo=0;ogl=;ses=9b5cd39b-1c4c-4f5e-9401-f43e6c6c6931
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e16475c61cc9a928cb3263207942beefd55f46374bd1535daefa19e04b523071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 01 Oct 2022 01:13:52 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS93YW5nLXlvdS1yb3Utc291LXRpYW8td2VuLXpoZW5nLW1laS1qaW5nLXhpZS1taS1zaGktc2hhbmctamllLWJ1LW5lbmctc2h1by1kZS14aWFuLXNob3UtbWktamkuaHRtbCIsInRpbWUiOjE2NjQ1ODY4MzIxMDZ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
server
nginx/1.14.0 (Ubuntu)
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E086 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:52 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 37B5 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
424696f0ab78c22764689a040af711a4af38eb834db3a5eef2ef5855b4cc924c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
server
cafe
etag
6161683498014584304
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 01:13:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 01E6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:52 GMT
adchoice_logo_15x15.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame ECC0 		293 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15.png?_=2.1.0.5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
d7a8e13b65622c665aff7562e5e47af2ade5b08398a3fecfeedc4a84544d40ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:52 GMT
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/26/2022 12:24:48
cdn-pullzone
692289
content-length
293
last-modified
Thu, 14 Nov 2019 13:40:34 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"5dcd5952-125"
content-type
image/png
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
f7717dfe760d29ef38914704111fa0a7
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Thu, 26 Jan 2023 12:24:48 GMT
utr.min.js
cdn-europe.eskimi.com/ Frame ECC0 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-europe.eskimi.com/utr.min.js?cId=142576&dmid=36824&trv=0&locid=0&sId=17367198500&src=utr&spt=CAIQrev4DRjmlYfsBiABKIszMAU4CFjBxDpoAXABeAI&pId=1837222630&bId=1664586831552.2.YzeUTwAIDeACD0hdnQYZuQ&crId=959041&vv=0&prb=6&dtid=2&trve=0&audid=0&baId=ead-79eae0caac0cfe90fcbefbeefa2dfd90&mr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.91.120 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d54880119f0b820d2bcda604d93b516f4f9da8284d3215230b63ab6d1dd2528

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2056
x-guploader-uploadid
ADPycduG2oJNKfMuxn_yC4W2QwTuk36npgQSQN5zgK-Jcmscqd7MmHh3bs1mbTtv3zxoowxQIdS1SALtFoc0Wi8iiI26pQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 06:38:16 GMT
server
cloudflare
etag
W/"9504c6c8eaed2c9675a8ff01255e9826"
vary
Accept-Encoding
x-goog-generation
1636439896715049
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=0FsiuA==, md5=lQTGyOrtLJZ1qP8BJV6YJg==
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKym%2BB6IorXtdVlJtdKhVFTiGH85T7eFUo42yCK%2Bb4Z1cyvShuf0dHg6IzBNGxrW7qOPf2U%2Fj6qF6fH5CZ2DL7b9BRziozXo5qNptHewnU%2BVcoGA0s4r%2FftLmVqzIGM4LUT4O0znFHQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
11112
cf-ray
75315698a8acaabb-SYD
expires
Sat, 01 Oct 2022 01:39:36 GMT
gtr.min.js
dsp-media.eskimi.com/assets/js/e/ Frame ECC0 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 12:24:53 GMT
date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/26/2022 12:24:53
cdn-pullzone
692289
last-modified
Mon, 20 Sep 2021 07:46:35 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61483c5b-12fb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
3c1a5cdbfcfa705223484144943c4744
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
83444_362354226_bc63acfa4953327e7d6991438e9cdabb.jpg
dsp-media.eskimi.com/upload/ Frame ECC0 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/83444_362354226_bc63acfa4953327e7d6991438e9cdabb.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
6c0d44dcb5a595e54d0f351449fc8cb2418f665c493826ee641e51e2cf17ea3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:52 GMT
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
09/30/2022 11:27:18
cdn-pullzone
692289
content-length
46954
last-modified
Thu, 29 Sep 2022 07:54:39 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"63354f3f-b76a"
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
11ed4c90442c4bf264174600bb47772f
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Sat, 30 Sep 2023 11:27:18 GMT
truncated
/ Frame ECC0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a98115040d6b2b895deac8a369a3c9fa8a4aa7ef5bc4be7e998f16721d16d65

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C269 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
139543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:28:09 GMT
expires
Fri, 29 Sep 2023 10:28:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0B21 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
GSE /
Resource Hash
93049f73e7f7cdaa21e85dad2d9417e23e196b1bb15dd6d434c1ad6bd4e6cbbb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3JtLoaH2SPCFII7Fv2Dy0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-3JtLoaH2SPCFII7Fv2Dy0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
expires
Sat, 01 Oct 2022 01:13:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame 37B5 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js?bust=31069992
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
c8ea2216a60915c1a37a159a59223d0239efb8a09ea222483a2148a14f8cf1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125655
x-xss-protection
0
server
cafe
etag
14894652956825512879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 01:13:52 GMT
gtr
dsp-ap.eskimi.com/v2/ Frame ECC0 		807 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-ap.eskimi.com/v2/gtr?&t=1664586832698
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.11.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.11.120.34.bc.googleusercontent.com
Software
/
Resource Hash
fedd1601db33a9a7c15141d20a9328b0f6d35592cc1119d72ec9ee6afe8605a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://googleads.g.doubleclick.net
date
Sat, 01 Oct 2022 01:13:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
trv
dsp-trk.eskimi.com/ Frame ECC0 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?coId=&bId=1664586831552.2.YzeUTwAIDeACD0hdnQYZuQ&cId=142576&crId=959041&sId=17367198500&pId=1837222630&trve=0&trv=0&trvv=v2&dvt=&dvm=&locid=0&audid=0&prb=6&src=utr&spt=CAIQrev4DRjmlYfsBiABKIszMAU4CFjBxDpoAXABeAI&_=1664586832802
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
trv
dsp-trk.eskimi.com/ Frame ECC0 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?coId=&bId=1664586831552.2.YzeUTwAIDeACD0hdnQYZuQ&cId=142576&crId=959041&sId=17367198500&pId=1837222630&trve=1&trv=0&trvv=v2&dvt=&dvm=&locid=0&audid=0&prb=6&src=utr&spt=CAIQrev4DRjmlYfsBiABKIszMAU4CFjBxDpoAXABeAI&_=1664586832802
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
integrator.js
adservice.google.com.au/adsid/ Frame 37B5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js?bust=31069992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 37B5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js?bust=31069992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 06B0 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js?bust=31069992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58e5aebc942df4c15e649a1958379e4b8b2a12c35c064170edb1896e3fcba8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9948
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9s0&_p=222&cid=2133585900.1664586833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664586832&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&dt=%E7%B6%B2%E5%8F%8B%E8%82%89%E6%90%9C%E3%80%8C%E6%A2%9D%E7%B4%8B%E6%AD%A3%E5%A6%B9%E3%80%8D%E3%80%80%E7%AB%9F%E6%B3%84%E5%AF%86%E6%99%82%E5%B0%9A%E7%95%8C%E4%B8%8D%E8%83%BD%E8%AA%AA%E7%9A%84%E9%A1%AF%E7%98%A6%E7%A7%98%E6%8A%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 82A3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
139544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:28:09 GMT
expires
Fri, 29 Sep 2023 10:28:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 66D2 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
GSE /
Resource Hash
9494d0f1effb05a313aca309d797eb060a5a1c9fcf9ae7dc9abeafea20451732
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bfv2wYTKoyizP4ql4d2A6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-bfv2wYTKoyizP4ql4d2A6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
expires
Sat, 01 Oct 2022 01:13:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame C269 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
partner
sync.search.spotxchange.com/ Frame ECC0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8855&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f
  • https://sync.search.spotxchange.com/partner?adv_id=8855&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f&__user_check__=1&sync_id=50c7c4f0-4126-11ed-8f56-1e0b86f70507
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=8855&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f&__user_check__=1&sync_id=50c7c4f0-4126-11ed-8f56-1e0b86f70507
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
44
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 01 Oct 2022 01:13:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=8855&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f&__user_check__=1&sync_id=50c7c4f0-4126-11ed-8f56-1e0b86f70507
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
38
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame ECC0 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=b0aef428-3672-4ab0-bfd5-646b539f6d4f&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
a4p.adpartner.pro/ssp/ Frame ECC0 		43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
last-modified
Sat, 01 Oct 2022 01:13:54 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
pixel
cm.g.doubleclick.net/ Frame ECC0 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=b0aef428-3672-4ab0-bfd5-646b539f6d4f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame ECC0 		42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
csync.loopme.me/ Frame ECC0 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=235&vt=b0aef428-3672-4ab0-bfd5-646b539f6d4f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7531569ca91da94f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
x.bidswitch.net/ul_cb/ Frame ECC0
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=364&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30&gdpr=0&gdpr_consent=
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=b0aef428-3672-4ab0-bfd5-646b539f6d4f&expires=30&gdpr=0&gdpr_consent=
Date
Sat, 01 Oct 2022 01:13:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
s-cs.rmp.rakuten.com/ Frame ECC0 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-cs.rmp.rakuten.com/?d=23&uid=b0aef428-3672-4ab0-bfd5-646b539f6d4f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.81.95.34.bc.googleusercontent.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 66D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=1953301433462118&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0B21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=2171895363441964&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 82A3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
generate_204
tpc.googlesyndication.com/ Frame C269 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qgIl7g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 83C2 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOIkAEQ0_SyrAIYvt_g0wEwAQ&v=APEucNWaKnVFNcmFNi3hJf4bACFh491-VGnd29TXduykPyBq-NfiNlF4ogzUvFKAQSzBk95r0keUXtADvt8jC7kC-q_YQPiGwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2C70 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
c47de8e691269e7231ee8e14edc3193ab82e69618bfdb17641edf251a7ab0f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32872
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2C70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 00:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 00:53:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2C70 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 01:08:59 GMT
l
www.google.com/ads/measurement/ Frame 2C70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdTas9J_9R_TDrZK0Mv4jgucbHJxLIupzH6RtdDjVCXkPa688DIIoJWVwiUUF42aqG5wBIU3EBLNAt_fuGMDBDwkHdXw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C70 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C70 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlaXT2BervxA0j_rx9U7ksm-bahGVhwfhKfsV1I-o9qd1kbuh2ljpXq2opMwdPhPm_0WeVlCWkQ1Cy_973EHm10nP_9rhtVuIK0LZjOUITYRm2hX8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 82A3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RTBgkg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		183 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3589327251002877&correlator=4417149745487576&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D7645679c8be0eeb%26hb_ap_bidder%3Drubicon%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D757bc0c4a758cd3%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Da67b129afc15d647-2207e6aeccd600fd%3AT%3D1664586831%3ART%3D1664586831%3AS%3DALNI_MZHsnArK1kRRq0C07Kd24MhZ6p_UA&gpic=UID%3D00000a14fe983117%3AT%3D1664586831%3ART%3D1664586831%3AS%3DALNI_MZUIdC-nSMO06d8HSKmosqEr5FxcQ&arp=1&abxe=1&dt=1664586833641&lmt=1664586833&dlt=1664586827533&idt=3915&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=2133585900.1664586833&ga_sid=1664586834&ga_hid=222&ga_fc=true&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
10b3844767b6e0533732ef4d0a35e1917ab4ebe147ad1d5d050cc499130da32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50560
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 883B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
expires
Sun, 01 Oct 2023 01:13:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Oct 2022 01:13:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 83C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1&C=1
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOIkAEQ0_SyrAIYvt_g0wEwAQ&v=APEucNWaKnVFNcmFNi3hJf4bACFh491-VGnd29TXduykPyBq-NfiNlF4ogzUvFKAQSzBk95r0keUXtADvt8jC7kC-q_YQPiGwA
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwmug%2ByrtSM6UQgVqJJ67joiHCsF9AFgcUQ3%2BVFYP13nA6D%2BQSOSONNaylXLscwCZAoyhCyL30iX5z0Tlph3GVwdd1GHV0%2FQRsML8s%2Bu%2BzDp0PttIc%2BtXO1fk4I3cQHQtd66DuV0yDniQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
753156a21b07a829-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9DiXK%2BAsN2xLjzeVb86Ri0FKsvMrZWPvijXzxWJu3AFWt075lzh7XesYEQbWOF5kA%2FJah83epUEfZOljxuYbhIMwlREic3HrFRYEdz9qb7o1V5ntSrb1Oq%2FPO4ZYkeWsb20IeSwAgWQDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1&C=1
cache-control
no-cache
cf-ray
753156a02ce7a932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 83C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzeUUWU-BsXtuw7mpk8XoQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOIkAEQ0_SyrAIYvt_g0wEwAQ&v=APEucNWaKnVFNcmFNi3hJf4bACFh491-VGnd29TXduykPyBq-NfiNlF4ogzUvFKAQSzBk95r0keUXtADvt8jC7kC-q_YQPiGwA
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fdv0XezB0xeUXxrKSRZRFXUo4fdFtJIhIIiA0cvNQBl4tQozc9l1cv3%2BzFpWlIkNRUVFFZAYM7GSox2iVCBTrHMZxMrY1EPtkdDEc8VlOpGg7kqhkiktNbAyW0SmFtR58akJyANT8ZFjbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
753156a54e37a829-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGd1MUZU-YaLRPyE_LQwrMk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 83C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJXJaWjw2sl13Sq-FqvgpyI&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJXJaWjw2sl13Sq-FqvgpyI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOIkAEQ0_SyrAIYvt_g0wEwAQ&v=APEucNWaKnVFNcmFNi3hJf4bACFh491-VGnd29TXduykPyBq-NfiNlF4ogzUvFKAQSzBk95r0keUXtADvt8jC7kC-q_YQPiGwA
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:54 GMT
AN-X-Request-Uuid
78f240f1-f3a9-41b9-a91e-8a8f6e68ef20
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJXJaWjw2sl13Sq-FqvgpyI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 83C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTQ1NTI4MTI3MDk4MjIyOA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTQ1NTI4MTI3MDk4MjIyOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOIkAEQ0_SyrAIYvt_g0wEwAQ&v=APEucNWaKnVFNcmFNi3hJf4bACFh491-VGnd29TXduykPyBq-NfiNlF4ogzUvFKAQSzBk95r0keUXtADvt8jC7kC-q_YQPiGwA
Protocol
H2
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:53 GMT
AN-X-Request-Uuid
8020c99d-b2cc-4216-a126-0e847b0c0e2d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTQ1NTI4MTI3MDk4MjIyOA%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 2C70 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11727
x-xss-protection
0
server
cafe
etag
4188671789125589074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 21:50:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 2C70 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 23:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 23:48:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2C70 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDfhPyuPH77Zb0FQ_5Mj99XGnD0DS4dy5oJBxrKjO_kJutJAS0-ylLqANWgKWZy0RtvhKt9f2BEwpUfW_0WMF9H2D4d68RpfxyotGe6NvsVd4rQIUo_3lCoBrghbQraanxxgrbucT7DdFq0VoGw_BYEMEE4EhCZQb1PmfvPTHoyDKu9G2GySXwYrrSN5xzuPhw-J6bVqvZPxlE5J5eRl1l8cdPptmOrRfNFOfOOLQ8b_ix-mzOkGxX7DZkpFseV9Tweit642kMhRR6pKfd8lJBMhO0zkAn6K7i4T54MKe2RUzSp89I5EGQ-_YDgCAuVh8x-RF4iYoznmlaZ2iNiFbSuCFTAECjiXvCYUnEdi96y_ZHro6HDRCBXXlhLOGilncYZqPxtqPNcECxxo8JCa4-ETbVN4X14klME7A84BBNXvLIEAKgt4z5ihMHKdqOLd2Mt72sq_lWvMIVjzdvliLUpPouur3ZVJn3ZAo0qyqN5kfppEVMu74zrw4e9_WaIEwoUyGvNAPMsFuI5nNr0TC9gcFlqw4Ej0TohkjdQtMkTJ4Cl0yjeKxTxThjeh6frxgAxTI6jnDB1HFfv26H0cg-E07sQIkvYq1sk7Cb7hPUsH4XjrdLn3SHg9ensn6FsnBky0_w3YGRMbbTkflheHuLmtvECgaXBO6qzgbSD0aJgjuAdOZUNgRLrZzKdZ9e0txguEvlGgrUtCsxER4QQZr1JT3qZIe7rN8grjVCpbw6PMAkrXKM3C6fdBh59aDPHknnJr-EPi3TmzVApKXIYxCZKuBe8CQ9dJbWMhE2a2WBIBrQ49puUWSiCsO7BIVGnd8Stsdty80nvGIlPeD8zI6mfYaoWxBA6ZlwcdeVCo16WnL0_JdxHBxNAM2cuQWu4syQz2gAHCq7Rd9-xrhFAvPIS86P-K3TMCFb406qxoiJEEsMXUC6MziJSEQXyydPOBPRM9hcD23KxcUZ8BLSvGY8aBxfUScJh8OSqLvznQccT0iE93yX-J9uiQZuSdk5IST9cwc9a4UYgOBk-40gp6oNa4yy03DK0DnXrmeO7T9QYqbCt75ETv_D8zLg1kGbodaKixDNXissxegOsByuZcs-bxnSInU4oFmLqWqST8ZEORihD_89Ooyb2pGbdmt7niQmavRCg4RVwXr7fJq3RVIKLUUmc927D4CtJneK&sai=AMfl-YSpoxqYzX0PvGSNJ3k3IFOrHB3Ivyy0pkB40rwM3UdY3Kv9DSvqXbv0XjO_U5pxzsdSUyPsTS5Zng4ok9EkEjD4NJNYyUqrtN92Dw9qQdDj_NRRA-mv3itQH5jyUgdZiy6rl1WGnEx0WdYdx815s9wzD44wbeRl&sig=Cg0ArKJSzGunIf3EHpiQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220928.63207&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 01:13:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2C70 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 00:29:27 GMT
11360290319235734685
s0.2mdn.net/simgad/ Frame 2C70 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11360290319235734685
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
964733d41b55e7f16c2e019e6045e54234a5daa4be7bd073ecdac8224ef90aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 23:09:47 GMT
x-content-type-options
nosniff
age
180247
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69677
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:44:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Sep 2023 23:09:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ECC0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtt8Wxj-faOPpYTcHdA6Ymc_-Pf5BHfU6hX-y7Hq2NFVpoMXSRij0Zkhku5V_Z8CEt0bvGnq2e3VabJ3S8n1ZCSAeM&sig=Cg0ArKJSzGo_FA8F8H38EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664586831851&rpt=907&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trv
dsp-trk.eskimi.com/ Frame ECC0 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?coId=&bId=1664586831552.2.YzeUTwAIDeACD0hdnQYZuQ&cId=142576&crId=959041&sId=17367198500&pId=1837222630&trve=1&trv=1&trvv=v2&dvt=&dvm=&locid=0&audid=0&prb=6&src=utr&spt=CAIQrev4DRjmlYfsBiABKIszMAU4CFjBxDpoAXABeAI&_=1664586833806
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664586831&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586830477&bpp=11&bdt=1707&idt=816&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=2994923742522&frm=23&ife=1&pv=1&ga_vid=940022030.1664586831&ga_sid=1664586831&ga_hid=1006221885&ga_fc=0&ga_cid=amp-KMocftX73XaSzkGdL3TqTQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1094511521&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069958%2C42531705%2C31070009%2C44772928%2C31067826&oid=2&pvsid=4056235245441197&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gmm1m3u86jcp&fsb=1&dtd=834
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame E086 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=2171895363441964&bg=!nZ6lntrNAAYQgTJdMIE7ACkAdvg8Wn-AXBtmsQOC0-wJVZJF-0ALKEuPSNEr6DRmJHmB5yt3PajVFgIAAABOUgAAAAJoAQcKAEWM9SzdrUzWT-DtwcQcloXkU33wnqvVgT54g9sC4pR2mUr4OTS_zzqSMdcUSFJLI5yeHv2VD5PYdy-qQL-lBCKMUsA17l-ZArFui39drSKAqxsGnRqLKgyaMp0HvwAISIinc9uYDIHqDgOUJlbTQ5AfY428DKbPbI8H8S6nVWqTlxIX__QZo8S5cl-BMQV2m8WA7nAFhLAOSgxynOcVDbVx9XEc_hKP9Cb__-9vvJchkkI_zCYUwXxs1nzF4hW0ay_5oKNML0cpGSNwEin6O6bbHAtkyqJsMLBlEov1DGcfDbKNdtEbPhrsphxvApBNIO6_weUs3HR6aGI_poWeyfJQpbjAuGH77UYWrGbq5hFLLvCD-QIELdJGCR40e0j2Sr2B2-BbreMql7QVJ0J6KNrIYwQK_1Qip1PPG3M_r7BBgFZxUI_0pEGum2cLI3vqX6gDVsXPQFyw4-2VHh15GDpO0CKBMowLfwLTsmdey1ej1IrEBM8PrQjSz3dZ0tW2OtJp7Fd2NK5D91RdOhBXGwUXq6vDNkXoJczVWNHMw9lVpyaKrTFgHkeoqQM4j3zoDlbDGjhRJIObDHQu0YGcmtQGUJMfU7K3OartjpAU2-JGYKxivUzgjO-M06I_7OhC9ZmL8X3RiCmpgKwOEn4Ja9PzoKkRYTomDj-LGx-GBu6iHrEwj5oqA-tsUGUWOU0wz_OerpAtCTBZFX40Jsf5Hyn8KfGkIxstc90vDEUIYXm636DRdoFcqCZ03XIJ8kNBs0q5EsAjGqlG4enVTlPhIDxklrxReUkOUZ3GBSXtU472MHyXV8avmthoQBHFkYXmRBBXTzEniDwyZoSn0ht6U7I0Sl1FWrlLzhrJhPfEuXZrZ9h5HWUZuQor886vAjFX4ouV9dWYhgxP24KJ-BD3UZoJh4Ss4m5xHyh0NbmCKaka2V__K0hTeUvI1LIwCZVwmVjW910wZjC_QWq8b1tOO6k8dBztLdCwUm-uNX7Mv98fM4SXzXEStUV5Ow
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5EFA 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
69122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AE84 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
32537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 16:11:37 GMT
expires
Sat, 30 Sep 2023 16:11:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2C70 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae49deaf11adf8cf798d12f2ab05f18e9b962262bd4d96130831d80310fecdf3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 01E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=1953301433462118&bg=!LS6lLmrNAAYQgTJdMIE7ACkAdvg8WsBWo4-8YAQ6MiRlLp6-5bBaMgO5QNLDwx1kLCXKH2CYuNXXCQIAAABeUgAAAAFoAQcKALLikSsdsSqjdYWj2bCxBtYdbjvnK9OTB25RbaySRTTgTJYXWGXaypnkKYavrVa5T4L85yJ_AuRWw1YEfypCVOafjSgt-V8NThyEIh4vWYEIeITHXG47cLXzV7E65HPUO8LO7CcfNK7JuLG5gyAxcSNOGWnsN7oxaqoVY1MAKUGfXpYz1VpccnXIjIDGICjC482mZaVcIRz62-cDNGA8zn9yKbtmZUCxsP6udr7y3Uw0-EKAmQKn9UZpmpFOPEs9jHXL9UKnIxVGYPZ_u9sZMEdWOu_QWtMfm_EnAbfj4PzF9bXN92O-BXYjK9REdtgdVW7EgSm19ArqsCbeEbiYH9nWnODgbbxFWLGa3AiK8f-nNd9Xl-ER4XQxb2ufu021_5g4gGrWSyMBJL9CWqghUFMlkMnG_P1At0v6ZSkzho_NMciBZGi3F38fFGZDKBKl3k9_QjRa22ftoc5AoDjX6d8_TqU8MaSUyYEGoVb3SaAod7y61vtwY5Ifa9kkqOcA2AFkmuB8d6OQvkqQwY_WsE5MqKiXI4ysk-rpUcPPAbZctP6AeU8hW3zoaLfZTyyoWS-RpL_JwRyJq1a07rSVnE1dsTxqwx-BUgxGq1HnKGZKltmoY5rK96Etp3q_iGiOQW7JKsS8hCVxD5oMa12rquQcq03REXJAQGU2TIqLqi6rXwJmqdO962O8Di8We95OgaZQ9sLqNI004_ExGOJX5tM86JdAc1vsYi_2fpyKLiecun9IrBCCJ7fPKvnAzesmQGB07gePI6tIkAJFlMs7k15ELdxF6D8iGAJxL5W0gPqHPw5sTexkALwL4dRR8O0CvgzSat7VLiRg4CXrDjuxNNZkkTvwuVOqpVN4Fxbon3ZUxaABOIdJJl8aUKHgcAm20x4YpYCYRkVFxy-I2fVEfO21kHFnMFuMvTHpZOCRDt4uYRNzgnIwNq3ARUtQSkXosKiGSY3iwvdXrvqoWPefGJrNyDOLKSjYWhEalj0NIzKZeuDxrJj4Rr87WBrRdCKo2LRgbekO1FXRQw9m8LSnWg6yC-Ks2ZSwaOi9sXqQcfIHqlIESOawEnIlhTvtGPHegsT4JmIovoAr-JUibP5zLSLlOGHjSTA3EAPHSS-lirfgqyCBynbMFPKdORiIbA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 5EFA
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg-e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg-ehGM98GjA33bM_lrxstUYWj-yYIPopZzXEOl0-n0TvZCbF8IIBzRUyZBDHW_4ysY5gUHhxvoqshdMMUDR1vK-IINXH_DU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg-ehGM98GjA33bM_lrxstUYWj-yYIPopZzXEOl0-n0TvZCbF8IIBzRUyZBDHW_4ysY5gUHhxvoqshdMMUDR1vK-IINXH_DU
date
Sat, 01 Oct 2022 01:13:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEAkE5I8i6BSdCdj2gXaQ9S8&google_cver=1&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEAkE5I8i6BSdCdj2gXaQ9S8&google_cver=1&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieS...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg&google_hm=2--ZvM-0Sw6y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg&google_hm=2--ZvM-0Sw6y60XNjM2ulg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg&google_hm=2--ZvM-0Sw6y60XNjM2ulg==
Date
Sat, 01 Oct 2022 01:13:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5EFA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBiy7eLspl-4Z9VILPuCpoo&google_cver=1&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5J...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5Juug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D&google_push=AZmPxg8ceWvzjuBZuTo78LbBHn2i6AUPcK2GBhavuuiTX-H7nEvuTQv4hiowduIv89TJcBYscLKyc7XQ1Z9EP6qW7QMc-l53e5Juug
date
Sat, 01 Oct 2022 01:13:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 5EFA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEArEBBAm28PPpojBBsxkbTs&google_cver=1&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il9...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEArEBBAm28PPpojBBsxkbTs&google_cver=1&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il9...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11UGhtdnVoRTJ1R0ZrWVBnZ2tSUUxjTmRrNjJXbU1zVX5B&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11UGhtdnVoRTJ1R0ZrWVBnZ2tSUUxjTmRrNjJXbU1zVX5B&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il975UM_041N-R3vSgSMKMkM6b1U98IQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11UGhtdnVoRTJ1R0ZrWVBnZ2tSUUxjTmRrNjJXbU1zVX5B&google_push=AZmPxg-xiVzr3Fb4xAi9I3Ue50VKfpsOOgDL_ulvmhpZRJvXRdHXy39eBTleWGPmMyfII8_Il975UM_041N-R3vSgSMKMkM6b1U98IQ
date
Sat, 01 Oct 2022 01:13:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 5EFA
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENffBLMQE4vErqCv47ValAk&google_cver=1&google_push=AZmPxg_0rttykSiK1CPmsjFkafTLnINK1jIFqEe994PugQEKyvSYKE7GeZ4kZKL_ZBVYfYmYbv6ybKsrUs-5tp8SG...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTRjYjEzOWUtNWM1NC00Yjc3LTkwZDAtMTFhMDljZTc5MTVj&google_push=AZmPxg_0rttykSiK1CPmsjFkafTLnINK1jIFqEe994PugQEKyvSYKE7GeZ4kZKL_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTRjYjEzOWUtNWM1NC00Yjc3LTkwZDAtMTFhMDljZTc5MTVj&google_push=AZmPxg_0rttykSiK1CPmsjFkafTLnINK1jIFqEe994PugQEKyvSYKE7GeZ4kZKL_ZBVYfYmYbv6ybKsrUs-5tp8SGTgdPWQsmgELzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTRjYjEzOWUtNWM1NC00Yjc3LTkwZDAtMTFhMDljZTc5MTVj&google_push=AZmPxg_0rttykSiK1CPmsjFkafTLnINK1jIFqEe994PugQEKyvSYKE7GeZ4kZKL_ZBVYfYmYbv6ybKsrUs-5tp8SGTgdPWQsmgELzw
date
Sat, 01 Oct 2022 01:13:54 GMT
content-length
0
sspsync
cksync.yahoo.co.jp/ Frame 5EFA 		35 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOQZwu5LOTbbaQpviXZbQnw&google_cver=1&google_push=AZmPxg9mnEXSb-aNwuHmJCr12RoKRzAl6v4Zr4RdSTfASBDKUqRx4MAVE6G3RNo7UEyrRjwFnqdaT2JNW6xTUtmSW6ROECuHF8GciRs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 5EFA
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJ54NswucUSoCLeoBhTEq28&google_cver=1&google_push=AZmPxg8maEwRWFe6i6-FSrnST6p6DV_4ZCrWpeyEI9i1zO_yJLV8CWJO4JiIiGWzJj2R_89dxR7QfNDH8YJ7lazILIt8I_ITO...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg8maEwRWFe6i6-FSrnST6p6DV_4ZCrWpeyEI9i1zO_yJLV8CWJO4JiIiGWzJj2R_89dxR7QfNDH8YJ7lazILIt8I_ITO0vF5g8&google_hm=8314b548dc9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg8maEwRWFe6i6-FSrnST6p6DV_4ZCrWpeyEI9i1zO_yJLV8CWJO4JiIiGWzJj2R_89dxR7QfNDH8YJ7lazILIt8I_ITO0vF5g8&google_hm=8314b548dc913210255be567e4187628
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg8maEwRWFe6i6-FSrnST6p6DV_4ZCrWpeyEI9i1zO_yJLV8CWJO4JiIiGWzJj2R_89dxR7QfNDH8YJ7lazILIt8I_ITO0vF5g8&google_hm=8314b548dc913210255be567e4187628
date
Sat, 01 Oct 2022 01:13:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 5EFA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQGBj2ziowPHuYLmuTFp6qWCHAPEhxzTo0QBoFW7rrXiTvWRboBnv2It1uKs7LTjzVX8ernwFsrw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame AE84 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
container.html
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 62C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
expires
Sun, 01 Oct 2023 01:13:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2DEF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:53 GMT
expires
Sun, 01 Oct 2023 01:13:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 481A 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 18:08:59 GMT
age
371095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
etag
"b9e6b1d3ca7cc68d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 18:08:59 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 481A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Sep 2022 01:34:43 GMT
age
257951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"dcaf3864e0ab6b08"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Sep 2023 01:34:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 481A 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Sep 2022 00:59:44 GMT
age
260050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"95b4b320f7966d1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Sep 2023 00:59:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 481A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Sep 2022 01:34:43 GMT
age
257951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
etag
"5561dff7c028bd87"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Sep 2023 01:34:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 481A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Sep 2022 01:34:43 GMT
age
257951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
etag
"00747b471d2f1a24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Sep 2023 01:34:43 GMT
truncated
/ Frame 481A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f96aeaba5355b65e8adb4bbbd2e04ae9c759dac2df06ca88d25af29addf35c5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
13556731753679583741
tpc.googlesyndication.com/simgad/ Frame 481A 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13556731753679583741
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b53c5641931f7a79011eca8fbe7582ab69c6b3a85ea27beb442145bb8ffee06c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82866
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 07:54:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Oct 2023 01:13:54 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 481A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 09:49:53 GMT
x-content-type-options
nosniff
server
cafe
age
55441
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 01 Oct 2022 09:49:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 481A 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:59:02 GMT
x-content-type-options
nosniff
server
cafe
age
69292
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 01 Oct 2022 05:59:02 GMT
l
www.google.com/ads/measurement/ Frame 481A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRii5DvaawNmF0brezkbKweDfvSe7Dfp3pv5oZMOajgNvPahD2Cim8N1-_4bWf-zRu5qxfOI_BVXDgshJ91E37Qf5vj2A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 481A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ7fXUZQ3Y5alMMz3rQG6xpGQBuqfxdRszNvP4oIQsJAfEAEguoTAM2ClgICAkAGgAY2714IDyAED4AIAqAMByAMIqgTKAk_QIq3K8UEkLaewZ_Sxtb5IC0vGM7JX9EaPkgZiM0I0pV38lNsaCcps5jvPkob4Xgodlz0c_Ch6fKAkE1QKUnkbX6dq2WGY6DYrPSagzEwPfMoiclkwLhDqylTyuyU69naxV1jh7h94ZEZBWuGECOidRGY8MQ-sxlC6Myh_HfGR3AtoLnTziOLcfKOSC5nOKA4XN5z7IDPQ6k7Af4SkQNG0Y9_7XsyJeAzUPfALX-9CVrQ_dla4zo-3RuJd5pw8QNfwH1WbNpHphU5WB3j3oPZy3kSU2dVJT46giYmQFsGc4iqWSzH_XeoWPl3f8G8UO5wfDjL3eSvrKOI0rRzdiFOcx6XtVE3-eBnWEFpGLVk8xaNchyla5Qyc9hxclj_Fd6DEbr3kajA-L_5a-jODGV6ehPa16I2StZnUCE-7ischlNJwtDGzuuTjjMAE1bqS4dYC4AQBkgUECAQYAZIFBAgFGASgBgOAB9vEqH2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCk6gPSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=GCIyQeXuaGE&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Oct 2022 01:13:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE84 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAvYKUZQ3Y-rgI8SXoQPi4qK4BwAAAAA4AeAEAg&bg=!ExClEFTNAAYQgTJdMIE7ACkAdvg8Wnd4eLxOsOJHH7DwuB6zXYJA9F89mXPxr3YpSWLOv9wYgGvueQIAAACEUgAAAAFoAQcKAEjDZW4DUekTHuJJjPvFGBHtpNQcFHW8X2radgYgXVPgiIpIk6Bdh3CRZfvdz8c0fEECOmUM7E8fI0I4ZLFd4FUWAuoz8LY8D7eZAxVrVC0M2iBDqt1LpdOeQEq6Y0ELheKH0UbQwFQKo74XxQb8jlt3QXGts7MGNbN_pz_Qnm8s2WV4c1JSxsa-5UQv6NYXfffllsjx01TKMcKRrHoqvDUw99Jyo9NrupvvSNf7RjAw0n99lnKTYQv9v0F6uuiBefdMJk9qkovZ6Y_B2VWe2AO3GXgSJLzEOuk0qtmypuUSEEu8dU6cId7Ydi2X3Ih4fN9gD1zdqO0C55M6drxo5kHsgBrFglyDWFKTc0BP9j46ycMMZ1O8NEZUd7wzsorwk_yb29d1VjpFU43vABzB1TEsgdsTtTHZZyW_jskV9_egSuQ86mA2abwG_O0HSP3-dRQKv3j7St_K-nGku7x8PaRxSoHf4Y0Aq5CKoh_U5BPellXosrbwwLpY2MGU9weqjttGABp_if1idqGjCC2eLb-4uEUp9N53L0dFsLCBlZcoiA81_xPCwLwYcGN4sPyjKvLpWYmgr8HBj4QBKfPbRhDYwJnbzA3zo_xlBlmM-m2bl6zx2gnfDihLyWk9zX_-3a9b5YGOjhSAILl4E6NcvPDBP8WxbDPPDKjyOPD3x0vUoynZRkx9QYMC1T689B0Bl_EdjN4Ns-urbSRQYucVLO_-kyjd0Qr0O6JgKGpoA5fWx5lsFUmxUljU4CYqfS4ULZpU9Vx5-Dd0FsuleX0rxTcPWrGQAhRYuRZEVMwa18pcpp2Vq2zmqMkmM8MHNE2tLQ8TKbsacBviBBusj_PWlGL46s6gRx8EW6lMxueSnSboiHc_baVlINQrsyioCs0Bh54lKKKEaYUAC7PHrxYxDqBjprd4oNubwJF2myMDVqHvZU_8YwWIRxwDZNzich_NcraMtYc4A6TDydrNq0vHGGVuVSVVp_6s0fjF9OhenmlIkg4z3D_3oSZm4ONkpsyU9sjJ10kWW3XCqSpffXsk1kJenS7t5IqVD9RJuctVf6X-l3xj9VIMXcCyOpLGSEoAs0K0QadQtM5tdpVoeTVdoiq_K-feRwogwynVJAmdVlSs76b-OTrmpW_76-MHp0I9OLo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664586832628&bpp=10&bdt=235&idt=296&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=7250029182810&frm=8&ife=1&pv=2&ga_vid=800534875.1664586833&ga_sid=1664586833&ga_hid=1864140366&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C21066428%2C31069992%2C44769661%2C31062930%2C31068919&oid=2&pvsid=2314726519442788&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.bs1tin2x94qb&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 203A 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
7fdf5ac73a635ea59763384cc107500ddbbd49c468b6ab7450a1f9741ea4679f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11307
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2C70 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDfhPyuPH77Zb0FQ_5Mj99XGnD0DS4dy5oJBxrKjO_kJutJAS0-ylLqANWgKWZy0RtvhKt9f2BEwpUfW_0WMF9H2D4d68RpfxyotGe6NvsVd4rQIUo_3lCoBrghbQraanxxgrbucT7DdFq0VoGw_BYEMEE4EhCZQb1PmfvPTHoyDKu9G2GySXwYrrSN5xzuPhw-J6bVqvZPxlE5J5eRl1l8cdPptmOrRfNFOfOOLQ8b_ix-mzOkGxX7DZkpFseV9Tweit642kMhRR6pKfd8lJBMhO0zkAn6K7i4T54MKe2RUzSp89I5EGQ-_YDgCAuVh8x-RF4iYoznmlaZ2iNiFbSuCFTAECjiXvCYUnEdi96y_ZHro6HDRCBXXlhLOGilncYZqPxtqPNcECxxo8JCa4-ETbVN4X14klME7A84BBNXvLIEAKgt4z5ihMHKdqOLd2Mt72sq_lWvMIVjzdvliLUpPouur3ZVJn3ZAo0qyqN5kfppEVMu74zrw4e9_WaIEwoUyGvNAPMsFuI5nNr0TC9gcFlqw4Ej0TohkjdQtMkTJ4Cl0yjeKxTxThjeh6frxgAxTI6jnDB1HFfv26H0cg-E07sQIkvYq1sk7Cb7hPUsH4XjrdLn3SHg9ensn6FsnBky0_w3YGRMbbTkflheHuLmtvECgaXBO6qzgbSD0aJgjuAdOZUNgRLrZzKdZ9e0txguEvlGgrUtCsxER4QQZr1JT3qZIe7rN8grjVCpbw6PMAkrXKM3C6fdBh59aDPHknnJr-EPi3TmzVApKXIYxCZKuBe8CQ9dJbWMhE2a2WBIBrQ49puUWSiCsO7BIVGnd8Stsdty80nvGIlPeD8zI6mfYaoWxBA6ZlwcdeVCo16WnL0_JdxHBxNAM2cuQWu4syQz2gAHCq7Rd9-xrhFAvPIS86P-K3TMCFb406qxoiJEEsMXUC6MziJSEQXyydPOBPRM9hcD23KxcUZ8BLSvGY8aBxfUScJh8OSqLvznQccT0iE93yX-J9uiQZuSdk5IST9cwc9a4UYgOBk-40gp6oNa4yy03DK0DnXrmeO7T9QYqbCt75ETv_D8zLg1kGbodaKixDNXissxegOsByuZcs-bxnSInU4oFmLqWqST8ZEORihD_89Ooyb2pGbdmt7niQmavRCg4RVwXr7fJq3RVIKLUUmc927D4CtJneK&sai=AMfl-YSpoxqYzX0PvGSNJ3k3IFOrHB3Ivyy0pkB40rwM3UdY3Kv9DSvqXbv0XjO_U5pxzsdSUyPsTS5Zng4ok9EkEjD4NJNYyUqrtN92Dw9qQdDj_NRRA-mv3itQH5jyUgdZiy6rl1WGnEx0WdYdx815s9wzD44wbeRl&sig=Cg0ArKJSzGunIf3EHpiQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=941&vt=11&dtpt=940&dett=2&cstd=0&cisv=r20220928.63207&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BA7Y81prYc0acB9vNg3jgCSBg0tZW-pTHceov2D69rM5F1erh2tVwSKD-88JWpQeomCN0EVOuRNFVEZB6_4Pi5qwpDspb2VVRghYym_kj27uA4agoh9hyUQRUMIrLVus33kd82XqoeP62RM39spqH-Vx80n0F01OxLf2fpKWGQq-8CJn0&cry=1&dbm_d=AKAmf-DSascJfQzjSWzq_RSoJs0gI6mqx_-alB2Qca6GWyyHhO9yURis2YzBkz5iQ9F7nVEcZcrCjCj83OjDcF5MB61DYWGAbCq6lZYy7nTobQHHGELCfbkostTurc0b4A-tXYMLI5a7LJOAnLPZkK60bUN3TAsUbXOcIQDLZNUCQtfatfJQNGhLNGm0K0Xu_QdH27y-B1VgUdy1AqzOvlMejNbvVTE7bLBL0wqGAefi9WS253ssnvfm8YJd4ZESY1xr9b8pPPDw7wrcapEQ5p2aLh8wgzJgzfZhoTz-HWhW5hKUvFFmAr0sfitc6GmW51PhjrYywOHKrtoOMv_WgX1FkQeBkd5qOBAM0D3NP4bZ_m_POrJuTTClE7Dh71zwuHnVy-YtVgAjc4oN5iGH-UCxDY6LBIY1FY0I9fI_flu4IEjEmIyjw5IVfA-w00a3Uc16uk7Xsh0b9WfkmREbeVD_sRucwxJVWOWTMfdl-E7PmSwiqPt7btnKFSYr46puR2oMGNBqVuHxZs7PyQVnsuJ0--Ab6-qakzd7cJlWFKxx4A_IuLOlmWgWbJV_a8lNS3DIfjmuDVdJgh4ZyR7BD7nYu6v7lyQRmPTAJMSLcyumZ05yKziZeFKsEO9tUzR-abIQQWTp2uSgcBsliLQUBxcL4vbUkWEJ2s-JRfCjUILKv2Iooxpv7oNQoCo-KxpTegMHDSA2mhTlx7zi1Xq5_DJzL8l8AY9YqQr2-sLFjKq0_WMBJZqEbcrsNlpVcqZFwpHfvHKD0tqOjR4aJCE8jyrW-l-viu53g_jHkrvRVnO28Xnkrf0SuDQQTFV5opzN8q6dpN2LsaYqlosB11PJPV21yaA7x4XynKcdBoy2s-aJwIm2qOgOSvkGuSgySWHckRtgvqGCwj7Q8JyH_BoE8v79dkzuBIKRah9zCA5Yk0pA90IE-cI8daNtB4LCxCizb07Cg8SmJzkl7Z4CysN-Jj4OMeFta2rWIAsqDXFWkZ2-uk31mi0haHkPgBSzJfwMbFAo4NNEHsU3g6CXhWPRNe7MkliGopQ-jcvylhz8bVMnscNLaHi6Yz_V-E6rYsQmthKvWuyKPdpfNGv9c5oVGdctMO6V6oW0DcSF0-xuACIBZAZ0XBuY2DYEN5YK67NC0gEephePCCJg1VeOASPSOTwNHRgMqXIpDJfmqPv_FYioBEaz63rjZXb8oI780EbLUwliRVIHmjyMpFsqRAvOA64xIhZ24eGZVUqW-Q-YgSbNsIB3DZGj-FX4t1UN6R-E4ToIB_4LUzOXMwYHp5jbqOWWyE4rwalZ-hxYooMcD0fdBcwkS_LnPHmAs7TgmJSQ4xL4oL7n10Ij0bmlZapWwqLV4sKRiiTIR3kbcGanPZ9nmdAwn8cAUUV_94P2fd3hdn05IEkGrvuFTVYFeocSIJ4ceUWUS2b62nBptF9ejZRfLBpaQu8doC1YrDUp7x9QGFmDaQrJ-ihl96bLHH-vtzpuLPiEbtOnSU2aMWyDvUW47FEigssuh6D2Sd008kffFdLq5KWHU6zMuxs_mQdgLBarLiVaBXx-lTqGA0rdWaib01z0I8hfNa57dcYl8T15QONNXborXfG6_JEPgubeSHvGFXU6nSbCBfePmf8g1EW08mRtFBatUU02VDWoDlElXry7oMop3IiODOSj3dJ0Vwn0wMdrVcmvwTbiowqrxkQHEPTbd_nuaANK05bFptNx-E7rgrtdTthKQMGSGffkLFcqByLF0irgMyA8zPeBx1qKZk8oaUjRUZufEjoFSuTZCEu2RE820_cbBxXWZxZ9K4tE7JcgJO0HkGgYBu3LplqPbbSKfigermE_Tq-i8pmuKOOamrnl_XHZigguh4Rj6i4Znu139JCon6lItsUd5zmQy2ztOtrHMwn0QkHFS3q14P8AHlVQyxb7TV40nqEfaEh1KYlskDmoTQQiMkr2NlLj2opViL4xZu0jCigQIvJfzeDAava2FWiy5Y3xblMoGRzo20uSTw2XtMMtHDY27PHqspT6rOFFUlPdoPuplWDc2mP7zPr7oGpEBwaeSIUNti8S4EgeRTfwLIf8M8NaTw5FSibuV0o_sXInvp9t6xLbESmADRtQZ5yjFb6Z4zk2qiJGoPdsx31rmW0FhkKpO_U-cZzlcau854dVJqH--1r5HiCygoEbS_jHyQZ8gQta_BI2iGboe1yyWKjbJnE-NoL66uhj1IXP8xwURskEDI4zD3zmy45uRLs_ks72pkAFE6Z_arO63qqaffP0VjZk_e3VGp6FlMJt_MYYyvJ0dEBnLBcXv2slGRujIyCGzdxj9XCyxj1ecsCMzr8AHb6aMeDAFWG_gAHhV2BdoHs-rYKO8svZl3rSQGTMCYBsXIef9gTXrQylhyDmC7ExAsveC4adhEMBlIWtpnSg9xALZoE4Jp2_Jd6Jcuhwee9Fr3X7q-i7EmYosihu_aWSIf0g-tYHdFU9j-R6Df28LPDygGOPXoWdSJlWji4PPNminrUVMzHJtEq4GJg5FCBI97HDour7YAWq1_bXLVC7x1TlbbUp267XTdsJonKgNczuUGb0UNnI0ZJRnykzJVpCvKNd5YMACtjSMWDuyeEJyayk0KZB6I1BYFmJiUY8CkpsCv2bFpYfSJYnmNaO3LIeot0FpB_JhQ9lGvMdgV97WAZisDfGjaP_s6uWSSw4yGljPyblurL-4_P99-Q1mA8qgSJVh8r3O4PAdzxOvy3HpS_7z6_VibdOKEFMLDw0I7kmf0gTsrFN4z3WTMb0HdrX_S_oHrwYJNLexQ2ygBNGJmY1Zu0Sg1ni6bhmhLFctz79Ufz8ExZtmFQLHWcIORzz9qXj-r5A09lOLMcGi3SJHRi7L0XmcKa_7BtM0jIcMz-iz1AtqmqOBIlthmBgB8nEqpNKdSU6TsJgUgmqWongIBiREssKJC2svsVi_k6oIKeEH5ZIQjxzuH6iEITJsJ9DfCJeYOm1QwoBJa8eOZNz3yGa8G5ayaQMBqJZyGh0tAHj8iME64KUl492p58jR9IscJM9P5Om09vlQsVYOSWuIf_ZgafsiJ7_fYQCl9xGP_Hl1NfLWOnWFMXn2oG6KwsfCAgJM_XA6uOXIf9YA-RyQcD1vak5xvTvzccX4oOExN8GyyM4xdU-b5-Do88MIURghg6gM2NVOU3KIc-WV84M5d9M6n94U9iFtBukPmnsJhjaWtxO_ntNGDwhjaAZMH5Ejy5_zzTACSST1m9pbmvn_ZllucRicG1D7cJi5vvI&cid=CAASEuRowtk_hVTXqWWAN8EsIHSwyw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 62C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyshgUZQ3Y5SlMMz3rQG6xpGQBtib0Ktqt7m5-qcNwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAa7pvMgDyAEJ4AIAqAMBqgTDAk_QtlxL9XYA-63w09nj8lvmzHR_zLBQUwz-8s5LaBQzOC79rED_fwEESVEmbWKOGr5BiEQyJQDHVGsU6-Q-i_DF_MnRvA4Ux8gQKnzbmLdAPpSgf-PZdofYTo7MBN8DP3Kix87Sb8NNrZyi6o2z9y8AAf2Jd-xOMGoG1I3m0P7Ky2T_K3cDoZxO1HAIHoQPbyITuNetvG6LjcrLWORGrFmqqUJ_SzegmcKnEs9sYOOi1w8Y4nMvMpr-pIAHFmeqWNMcNlgDoBmll3J1zDFQCmOShcaNiF7i-RALXTBlpFncBJ2nD9Hq6PAvmyONKxBG_vd94AmfNpBvdJj7DIoc65rah-HsbGREmfEnutJnzQFoYzlP82_1VyUkV1J_EiWYNHQ3NPsdP7KYSo-kVe09gGXBQQrJiLNHZp_88OVGGTEDZu644AQBgAbwh5---qLOyDWgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=TBWfRFCaYuo&uach_m=[UACH]&cid=CAQSPACsnQUxj8a10htMXhfVitPxqwv6ltYEImcAGO6B50buaMq-Ol1K4ERLUPO6jLqyiezu8y-CWYUBxjiWexgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
doubleWin
win.eskimi.com/ Frame 62C9 		43 B
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://win.eskimi.com/doubleWin?eid=2&w=EiEKFll6ZVVVUUFOUHNNS0syV1BfQTVHRmcQAhjwv-2IuTAYBCCAotfvCiit6_gNMQisHFpkO88_QXsUrkfheoQ_SISwprMiUJCXod4DWPDZCGDCxDpoAnDYnwKAAQaaARtDQUVTRUlKaWlod2c3OXpqUl9ScnJZaUxrVGeiARtDQUVTRUlKaWlod2c3OXpqUl9ScnJZaUxrVGepARSuR-F6FNY_sgEIIAJCAmF1SAHCASAIAhCt6_gNGJCXod4DIAEowCQwBTgIWMLEOmgBcAF4AsoBIGYzNGU5Njk5NWRkZjNmZjVlYjFiZmRlMTM4Y2ZlMjlj2AG8qeSn1uLp5bsB&esc=false&spent=YzeUUQAMEpQKK3vMAARjOpxHOi4kktNZzsSD0A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.27.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
mystyle.css
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/ Frame 62C9 		919 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/mystyle.css
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
817228108b993bcefe00f04fb09477326204ba6af2e596ed59b4ac771a8cad18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 01:13:54 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:54
cdn-pullzone
692289
last-modified
Thu, 29 Sep 2022 08:11:30 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"63355332-397"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
5371cf8b2bbf32edcaa67915968fc4f8
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gsap.min.js
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/js/ Frame 62C9 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/js/gsap.min.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
30bf084580eafb803e434b2dd4cda19eb68070fa742017f483762cc070b4a864
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 01:13:54 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:54
cdn-pullzone
692289
last-modified
Fri, 31 Jul 2020 11:55:38 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5f2406ba-dc69"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
5c878c24b58b4dfc778653b66c6abaef
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Draggable.min.js
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/js/ Frame 62C9 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/js/Draggable.min.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
21925e61c628cbfcca948c44af08b72467172a01667a631dd0007834b5e54241
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 01:13:54 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:54
cdn-pullzone
692289
last-modified
Fri, 31 Jul 2020 11:55:38 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5f2406ba-80c8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
6bf3e3227efaf5726da403374e6cca26
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cap
dsp-trk.eskimi.com/ Frame 62C9 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/cap?id=CAESEIJiihwg79zjR_RrrYiLkTg&dc=4&tz=%2B10:00&sgid=9234388996&pid=1002982288&cid=142576&crid=959042
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
2_83444633553f54468e_450215437.js
dsp-media.eskimi.com/upload/js/ Frame 62C9 		886 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/upload/js/2_83444633553f54468e_450215437.js?_=1664439285
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
8fd72e959727d0b0057ecefc2ca04c40b39ac21e4f2c1628c4eafba831f4b407
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 01:13:54 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:54
cdn-pullzone
692289
last-modified
Thu, 29 Sep 2022 08:14:45 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"633553f5-376"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
abd71b9c456df15704f0ca4fd21d72f4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
code.js
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/ Frame 62C9 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/code.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
003a837d00aaec93f7c895b72430c56dd6ec0df5fa6e1b4646b363f941112c71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 01:13:54 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:54
cdn-pullzone
692289
last-modified
Mon, 25 Oct 2021 13:27:00 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6176b0a4-2989"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
13287cd36c96dcd02bd685b5a37b1c8e
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ad-choice.min.js
dsp-media.eskimi.com/assets/js/e/ Frame 62C9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.5
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
cbf3c064cae2cf267d7cc01cd279cf1adadc1387c3e542b387ac60a8a07bee7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 12:24:48 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/26/2022 12:24:48
cdn-pullzone
692289
last-modified
Thu, 02 Sep 2021 14:37:16 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6130e19c-bfe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
ef284d3a4c93dc11ef6a794b00fcf752
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cellularTracking.min.js
dsp-media.eskimi.com/assets/js/e/ Frame 62C9 		803 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/cellularTracking.min.js?v=1
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 02 Jun 2023 20:05:30 GMT
date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
06/02/2022 20:05:30
cdn-pullzone
692289
last-modified
Tue, 18 Aug 2020 12:41:28 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5f3bcc78-323"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
3d664dae66c68da40a1dc341dfa41802
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
utr
dsp-trk.eskimi.com/ Frame 62C9 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/utr?coId=CAESEIJiihwg79zjR_RrrYiLkTg&e=2
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 62C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 00:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 00:53:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 62C9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 01:08:59 GMT
l
www.google.com/ads/measurement/ Frame 62C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8oBip8wXFFtM3ix1jcB7MxFBxpYW22BS1Hfq1bYtc9M2r_eUk3808hIYkWsz_Q3MyIC-UG8sEhciFqVs37bUdk5ic4A
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 62C9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 18:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Sep 2023 18:23:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62C9 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 203A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:54 GMT
css
fonts.googleapis.com/ Frame 2DEF 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 23:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Oct 2022 01:13:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2DEF 		2 KB
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 00:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 00:34:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2DEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxFmbUZQ3Y5WlMMz3rQG6xpGQBrmHqsxstqmZ4-MPlYee_rEJEAEguoTAM2ClgICAkAGgAZzquPsDyAEJqQJ5hRj26HmlPuACAKgDAcgDywSqBN0CT9A5VkUFJjnOqr5WeeqPdhEBPXZfj-q0aRXEOgu9smZsbKxelzo6kX_Vnw4iAliUYotMq74V98aY9VyHmiJRIfkJ1V5AzsECJ0yvhKEdBhKQRXswZ-lsPJaFbeCB1GkZRsCco8hqNMY1NdubQQD175Z4DI3RoPgxEGzbjTNfVd77Vg8SRo3JKgFP2wge_bRg4KjQTPXHLLyUTKgjzVg4IYB1epV8PEy9GW5hKanyRtlo2_NeRdr2UAVAiz-74PPpVsUuwN0YUvGyUbk3ct7EbsB5ld1-wFpgJFON0Tj8MFN9C5l13CTPtD0zlPRzw37joqYhjZ_cIK9b0zeXyNZXkb3nuM4kODjWJ0LjZxc2rTSNHGzD91ShdCTXJZRalkQ4NbLV2NraXD-IuRfB_YSf0Mk3oMJaDgKrMJYu4IuB1AeliUZ2Yu0rvL-Phm6J1cGZGnLLUBXVixR2YGY628AEq6fbwvsD4AQBkgUECAQYAZIFBAgFGASgBi6AB8yVxwSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCuiAfSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwGYDLfkxv_5A7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=QYw4zSfREwM&uach_m=[UACH]&template_id=515
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 2DEF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 01:07:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2DEF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 00:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 00:53:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2DEF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 01:08:59 GMT
l
www.google.com/ads/measurement/ Frame 2DEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPn0d4KnpmV6p3jtXJ6Kq6kQl5h1VjNthJybg0dsUHzE6dbiYxrMsH4HHu5R-MH20NPc7MXylDI_lU5IbLSjBJtMTYWw
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2DEF 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:55 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame 2DEF 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 29 Dec 2022 05:32:33 GMT
9601297064202836687
tpc.googlesyndication.com/simgad/ Frame 2DEF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9601297064202836687?w=100&h=100
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
37c4de34d63a769957d7baa0840538ad77025bd63c2b78766519b89699f90c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2835
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 23:59:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Oct 2023 01:13:55 GMT
truncated
/ Frame 2DEF 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/getconfig/ Frame 37B5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js?bust=31069992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
bb457069db223ccdf70f704e69173908b1ac8f48a3fd37ce7f20ab81ca625cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11159
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7118 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
6cba27853a80cbc2d1de992ca97c328d7b12251818503ecd197cece45f7bc1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11132
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 481A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 01 Oct 2022 01:13:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 56FD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
139546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:28:09 GMT
expires
Fri, 29 Sep 2023 10:28:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C67B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
GSE /
Resource Hash
2285364c1527a32e96ddb22ac181ea5f2df445e6d583c1f40faa2886e0ea18d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uudac-ng5boZKi1IJBZ7TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Uudac-ng5boZKi1IJBZ7TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:55 GMT
expires
Sat, 01 Oct 2022 01:13:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1047 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
69123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2DEF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
456c09892a08f48a597fa8afbeae21d5995a9d73f2ead0dcb9bf83dd415e0cef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pic1.png
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/ Frame 62C9 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/pic1.png
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
cfda16366d4e14235a8d71335e5717cf303f82380499646d9e5a3057a56e7a1e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:55 GMT
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:55
cdn-pullzone
692289
content-length
94177
last-modified
Thu, 29 Sep 2022 12:04:42 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"633589da-16fe1"
content-type
image/png
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
66989a951454803cff5f3de2288b1d3c
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Sun, 01 Oct 2023 01:13:55 GMT
pic2.png
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/ Frame 62C9 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/pic2.png
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
cfda16366d4e14235a8d71335e5717cf303f82380499646d9e5a3057a56e7a1e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:55 GMT
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:55
cdn-pullzone
692289
content-length
94177
last-modified
Thu, 29 Sep 2022 12:04:42 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"633589da-16fe1"
content-type
image/png
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
8c2b52572089094662136f6986f78568
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Sun, 01 Oct 2023 01:13:55 GMT
pic3.png
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/ Frame 62C9 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/pic3.png
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
cfda16366d4e14235a8d71335e5717cf303f82380499646d9e5a3057a56e7a1e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:55 GMT
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:55
cdn-pullzone
692289
content-length
94177
last-modified
Thu, 29 Sep 2022 12:04:42 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"633589da-16fe1"
content-type
image/png
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
f23200a1f9a336be4d6642513a43d1a4
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Sun, 01 Oct 2023 01:13:55 GMT
adchoice_logo_15x15.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame 62C9 		293 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15.png?_=2.1.0.5
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
d7a8e13b65622c665aff7562e5e47af2ade5b08398a3fecfeedc4a84544d40ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:55 GMT
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/26/2022 12:24:48
cdn-pullzone
692289
content-length
293
last-modified
Thu, 14 Nov 2019 13:40:34 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"5dcd5952-125"
content-type
image/png
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
753797b312489575c558ae98ce72eb67
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Thu, 26 Jan 2023 12:24:48 GMT
col
dsp-trk.eskimi.com/ Frame 62C9 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/col?u=CAESEIJiihwg79zjR_RrrYiLkTg&exid=4X3qmevbIFC_NxV5wGj2bN_EG8R4gi3OMMzQornndI-6FCzJ6P-yCeX74Esy5jYT&exidtmp=1&ct=0&cntr=au&ipl=2918568192&op=0&conn=0&extid=2
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
utr.min.js
cdn-europe.eskimi.com/ Frame 62C9 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-europe.eskimi.com/utr.min.js?cId=142576&dmid=36824&trv=0&fla=0&locid=0&sId=9234388996&src=utr&spt=CAIQrev4DRiQl6HeAyABKMAkMAU4CFjCxDpoAXABeAI&pId=1002982288&bId=1664586833904.2.YzeUUQANPsMKK2WP_A5GFg&crId=959042&vv=0&prb=6&dtid=2&trve=0&audid=0&baId=ead-41d92ac87480679df5d500c94d8024be&mr=0
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.120 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d54880119f0b820d2bcda604d93b516f4f9da8284d3215230b63ab6d1dd2528

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1961
x-guploader-uploadid
ADPycduk7aCW9IwLJgRy8OKyzD8J0rHGO7DEFhT1V6cWfxj5hOSq8X0bcODh5u9dn6bp6_40SnMptOzJTxua2frNYqfUQg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 06:38:16 GMT
server
cloudflare
etag
W/"9504c6c8eaed2c9675a8ff01255e9826"
vary
Accept-Encoding
x-goog-generation
1636439896715049
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=0FsiuA==, md5=lQTGyOrtLJZ1qP8BJV6YJg==
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XEfyuHRFdFOLsQOlGcCw4UbgK%2BgDSqB6%2Fr%2BerlJ%2BMOs34POsCHzu%2BX1v%2FtQnnbTy2P6jrqJL%2FApp%2FiwBDFuTIC%2F3mK11lNY%2Bo30FUpLPqaY7LJpOp9fp%2Fg7vYn16r0xq%2Bcl9l38MDw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
11112
cf-ray
753156a8984ea86e-SYD
expires
Sat, 01 Oct 2022 01:41:14 GMT
gtr.min.js
dsp-media.eskimi.com/assets/js/e/ Frame 62C9 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 12:24:53 GMT
date
Sat, 01 Oct 2022 01:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
744
cdn-cachedat
01/26/2022 12:24:53
cdn-pullzone
692289
last-modified
Mon, 20 Sep 2021 07:46:35 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61483c5b-12fb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
8b1d71b23fe041d9d8f9cf130024af2d
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 69AF 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
69123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
icon.png
dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/ Frame 62C9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/images/icon.png
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/mystyle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG2-744 /
Resource Hash
35ab6b849009dca5d51bfcf9c85b80b2de2e00b1ae79158cd2338964540c27f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://dsp-media.eskimi.com/upload/rm/upload/1664439089/wave_Slider_300x250/mystyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sat, 01 Oct 2022 01:13:55 GMT
cdn-edgestorageid
744
cdn-cachedat
10/01/2022 01:13:55
cdn-pullzone
692289
content-length
6747
last-modified
Fri, 31 Jul 2020 11:55:36 GMT
server
BunnyCDN-SG2-744
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"5f2406b8-1a5b"
content-type
image/png
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
f2cdbb09bbfd9945e6bcc511c91f68a0
accept-ranges
bytes
cdn-requestcountrycode
AU
cdn-status
200
expires
Sun, 01 Oct 2023 01:13:55 GMT
truncated
/ Frame 62C9 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4633d2d65a9738c99428fc92451fe7af51f23df6d382b18508d3b3cbd403e56

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 37B5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js?bust=31069992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7118 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 01:13:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C67B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=4056235245441197&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dpixel
cms.quantserve.com/ Frame 1047 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMj5pfgbwOSZEG4l7hvodtg&google_cver=1&google_push=AZmPxg-K-V3mDvNtoSDx8BxmoOdZSYC2a3XYp6259MkIryASdM_2jR_xUTYY6BIw8qxgA1XYS5TaGLDzqceY9hu-J8PhcY49nJijPdV8KhrLK0ZFazOfHmPh5a_WU-YVs2iAwMM-9xDGRB7nu57VG1dz6v8
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1047
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEpGT2Slw6jPIQ9FJxx7muM&google_cver=1&google_push=AZmPxg8XKFqAifrEUI2ECzh3HIAd05-ROnLsNgg4BEs0ayu00SPpzK0VM8XUhRJBdZc_9t138Q5WN82_v12uyJnSn-...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEEpGT2Slw6jPIQ9FJxx7muM&google_cver=1&google_push=AZmPxg8XKFqAifrEUI2ECzh3HIAd05-ROnLsNgg4BEs0ayu00SPpzK0VM8XUhRJBdZc_9t138Q5WN82_v12uyJnSn-...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZhMTJlYTktMDgwMi00NDAxLWIzMjYtZGY0NTlmNTFkOGM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6a12ea9-0802-4401-b326-df459f51d8c6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZhMTJlYTktMDgwMi00NDAxLWIzMjYtZGY0NTlmNTFkOGM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6a12ea9-0802-4401-b326-df459f51d8c6
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZhMTJlYTktMDgwMi00NDAxLWIzMjYtZGY0NTlmNTFkOGM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6a12ea9-0802-4401-b326-df459f51d8c6
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 1047
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg_C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg_Ca5C6XeNvhqcAfUg8Wpp5JfVm54VsBExh59SBJHyN5ox-RH4fDVJVV9rx4cGsYXI_RooXz7FokVIcvXhht-WdoqSlAzQxKii2j3J_iNpxtn8731Yu4l22Wvb4M4nO5Ztq021EnQeJWus03GKyDZM
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmI2NzlmODAtYzRkOC00YWQ5LThmMTQtNDNhYzM1NmQ4ZWI0&google_gid=CAESEMHN3dDoUjr6m64GssaKrY8&google_cver=1&google_push=AZmPxg_Ca5C6XeNvhqcAfUg8Wpp5JfVm54VsBExh59SBJHyN5ox-RH4fDVJVV9rx4cGsYXI_RooXz7FokVIcvXhht-WdoqSlAzQxKii2j3J_iNpxtn8731Yu4l22Wvb4M4nO5Ztq021EnQeJWus03GKyDZM
date
Sat, 01 Oct 2022 01:13:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1047
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEGpdLdtGd7FJM2FcrVYdjRo&google_cver=1&google_push=AZmPxg92KubA4ASNfhlNxAM5VlwPque6x1uP-qQuGseSiOnynwm-oDUai7m-R5nnvuOvKT3eH38MYrv9jtiS2vm...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg92KubA4ASNfhlNxAM5VlwPque6x1uP-qQuGseSiOnynwm-oDUai7m-R5nnvuOvKT3eH38MYrv9jtiS2vmss1L8suj_l2x4GW42LJTx4LlPYu7I8_b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg92KubA4ASNfhlNxAM5VlwPque6x1uP-qQuGseSiOnynwm-oDUai7m-R5nnvuOvKT3eH38MYrv9jtiS2vmss1L8suj_l2x4GW42LJTx4LlPYu7I8_b_ZWNUYSj3jItXWg2vz00L6Zn7cw4Yl6AeftQ
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg92KubA4ASNfhlNxAM5VlwPque6x1uP-qQuGseSiOnynwm-oDUai7m-R5nnvuOvKT3eH38MYrv9jtiS2vmss1L8suj_l2x4GW42LJTx4LlPYu7I8_b_ZWNUYSj3jItXWg2vz00L6Zn7cw4Yl6AeftQ
Date
Sat, 01 Oct 2022 01:13:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1047
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEJEZ33SPkT8pqrnqt7obdi4&google_cver=1&google_push=AZmPxg-Y4RrlIdJGxBiVePIUZCaC4U6wobQpMkebOarz5mWEjdfu_VGItIssUvOetGEri9MnkZsMvJygvLvQ-WW5qx0s...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Y4RrlIdJGxBiVePIUZCaC4U6wobQpMkebOarz5mWEjdfu_VGItIssUvOetGEri9MnkZsMvJygvLvQ-WW5qx0sEfr3S5IDySGfcGfC-LYScJx_TcKvE1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Y4RrlIdJGxBiVePIUZCaC4U6wobQpMkebOarz5mWEjdfu_VGItIssUvOetGEri9MnkZsMvJygvLvQ-WW5qx0sEfr3S5IDySGfcGfC-LYScJx_TcKvE1sQhxouTQFJKTcg0l3tkrUC7fRnj2Fami8
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Y4RrlIdJGxBiVePIUZCaC4U6wobQpMkebOarz5mWEjdfu_VGItIssUvOetGEri9MnkZsMvJygvLvQ-WW5qx0sEfr3S5IDySGfcGfC-LYScJx_TcKvE1sQhxouTQFJKTcg0l3tkrUC7fRnj2Fami8
date
Sat, 01 Oct 2022 01:13:56 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 1047
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIyhIrW4scNHFNBct8AjFIw&google_cver=1&google_push=AZmPxg9ziCmkfv5ELxGKvnG7ZS75bvTHFppw2LQFJiNOk7WQ6E9QqcBfS15IXZQtS43w7pxO_1y8f5CTY72VEKvTP2SzSoGj1...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&mn_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9ziCmkfv5ELxGKvnG7ZS75bvT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&mn_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9ziCmkfv5ELxGKvnG7ZS75bvTHFppw2LQFJiNOk7WQ6E9QqcBfS15IXZQtS43w7pxO_1y8f5CTY72VEKvTP2SzSoGj1goSZYujqWZcZdtUmOU9WQo_PG3mA905-qXXwgqRc_NUcdyu_nyuzFMT_A&gdpr=&gdpr_consent=
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:56 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&mn_hm=MzA3NTg4NDM2NjgyMTQ0NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9ziCmkfv5ELxGKvnG7ZS75bvTHFppw2LQFJiNOk7WQ6E9QqcBfS15IXZQtS43w7pxO_1y8f5CTY72VEKvTP2SzSoGj1goSZYujqWZcZdtUmOU9WQo_PG3mA905-qXXwgqRc_NUcdyu_nyuzFMT_A&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 01 Oct 2022 01:13:56 GMT
pixel
cm.g.doubleclick.net/ Frame 1047
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEONtbqTA-6CSW83a2jPYqY0&google_cver=1&google_push=AZmPxg-5J_5vJ8167bI3X4VtbIwoNMZA4z4oBDIu2Zv4Tz7gkp7zibFEg7ZVAOFRujQFG6FmFecWkUljrnsbtzi...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg-5J_5vJ8167bI3X4VtbIwoNMZA4z4oBDIu2Zv4Tz7gkp7zibFEg7ZVAOFRujQFG6FmFecWkUljrnsbtzi7xSW2Qk9i8WgAejhJYrF_ZwyDdVUjfX4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg-5J_5vJ8167bI3X4VtbIwoNMZA4z4oBDIu2Zv4Tz7gkp7zibFEg7ZVAOFRujQFG6FmFecWkUljrnsbtzi7xSW2Qk9i8WgAejhJYrF_ZwyDdVUjfX48JlhFR2FuWrYEQdOQ5gwq1vDhvjE80rC4-i63&google_hm=Njk3YjVmNjctZDcyZC0zMjk4LTg1YTUtNTI3YzA3NzU1YTUy
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg-5J_5vJ8167bI3X4VtbIwoNMZA4z4oBDIu2Zv4Tz7gkp7zibFEg7ZVAOFRujQFG6FmFecWkUljrnsbtzi7xSW2Qk9i8WgAejhJYrF_ZwyDdVUjfX48JlhFR2FuWrYEQdOQ5gwq1vDhvjE80rC4-i63&google_hm=Njk3YjVmNjctZDcyZC0zMjk4LTg1YTUtNTI3YzA3NzU1YTUy
date
Sat, 01 Oct 2022 01:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1047 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpYeRmRaN7iZ7akgjQk0h66oPoH0gHToRTctDLi3M2icm0nEbrbXBdKfn-bJts2VwWtx6FOQ
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 56FD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
pixel
cm.g.doubleclick.net/ Frame 69AF
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEC041LUVOpMU1zJPCQZaI9k&google_cver=1&google_push=AZmPxg9ptbT8UnIjZjvUNZYuAniYWt9WDTDk4EZlL0TeTbUzMrRxBEDGbfeqX_AOTT5_DPLKMIJIXonV9UkA31lMpe2oFZ2J...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9ptbT8UnIjZjvUNZYuAniYWt9WDTDk4EZlL0TeTbUzMrRxBEDGbfeqX_AOTT5_DPLKMIJIXonV9UkA31lMpe2oFZ2Jcsg_qg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9ptbT8UnIjZjvUNZYuAniYWt9WDTDk4EZlL0TeTbUzMrRxBEDGbfeqX_AOTT5_DPLKMIJIXonV9UkA31lMpe2oFZ2Jcsg_qg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9ptbT8UnIjZjvUNZYuAniYWt9WDTDk4EZlL0TeTbUzMrRxBEDGbfeqX_AOTT5_DPLKMIJIXonV9UkA31lMpe2oFZ2Jcsg_qg
Date
Sat, 01 Oct 2022 01:13:56 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
sync
gdn.socdm.com/rtb/ Frame 69AF
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1&google_push=AZmPxg9a0iS0zzxHjQ61QSJRQwUcB7kJJ_pLKPyy_immA3Rc26Ie9X3gRLfO8W-QMi07A...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXplVVZNQ284WVFBQUxYc0Vxa0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1
43 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
HTTP/1.1
Server
202.241.208.3 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1","cluster_id":56,"gdpr":false,"ipv4":"173.245.209.22","key":"YzeUVMCo8YUAAMm6LiMAAAAA","privacy_sensitive":false,"uid":"YzeUVMCo8YUAAMm6LiMAAAAA","upstream_id":"a-ad40222"}
X-SO-Key
YzeUVMCo8YUAAMm6LiMAAAAA
X-SO-Upstream-ID
a-ad40222
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40222.dc2p.scaleout.jp
X-SO-UID
YzeUVMCo8YUAAMm6LiMAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
173.245.209.22
X-SO-Cluster-ID
56
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
9
X-SO-LB-Hostname
a-ng40006.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDaym_GvHiuo5KG5TMbn1ac&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69AF
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDmH9KhP_0eUUqA3Yl8u6QE&google_cver=1&google_push=AZmPxg_niSAYpVxjcZ14OGf1y7lMHEeOnUgfLNOdYgciVVTBbdu4DRNuZt2JPsNhQYIs0LsLeUh1P2XcxsTomYCOo2mTQ5O7wM4qaw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_niSAYpVxjcZ14OGf1y7lMHEeOnUgfLNOdYgciVVTBbdu4DRNuZt2JPsNhQYIs0LsLeUh1P2XcxsTomYCOo2mTQ5O7wM4qaw&google_hm=jtyrwZIOz8QzuUSTrxPGjQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_niSAYpVxjcZ14OGf1y7lMHEeOnUgfLNOdYgciVVTBbdu4DRNuZt2JPsNhQYIs0LsLeUh1P2XcxsTomYCOo2mTQ5O7wM4qaw&google_hm=jtyrwZIOz8QzuUSTrxPGjQ==
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_niSAYpVxjcZ14OGf1y7lMHEeOnUgfLNOdYgciVVTBbdu4DRNuZt2JPsNhQYIs0LsLeUh1P2XcxsTomYCOo2mTQ5O7wM4qaw&google_hm=jtyrwZIOz8QzuUSTrxPGjQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
hmu394qdsiherjo4segf5uitk9hlpusj
pixel
cm.g.doubleclick.net/ Frame 69AF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEApL8yAQTaF_0U_NhqjMoVI&google_cver=1&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEf...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEApL8yAQTaF_0U_NhqjMoVI&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEf...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEfAZlhrO3OZCUE-NjlQ&google_hm=Mko4V0M2cmNMNV9wbn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEfAZlhrO3OZCUE-NjlQ&google_hm=Mko4V0M2cmNMNV9wbnNYbFIzQ20=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8oMOSkyPWS1RV50k7Y4MinKf4X1Z7Lq_dztyWJxbwcr2EV1SNqb6ij88irlxgx-5fMQGMTQFc6M8kEfAZlhrO3OZCUE-NjlQ&google_hm=Mko4V0M2cmNMNV9wbnNYbFIzQ20=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69AF
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIyLThu6lbhdX6vy3OpcEDA&google_cver=1&google_push=AZmPxg_tNOsUgUcZzroe_rEHwYYe8FQGaMgxpjE1ZiKGs79IoFWgPd9CuWaOK-IUo-_UfCb8Zn-jde8KsRXBZySCQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_tNOsUgUcZzroe_rEHwYYe8FQGaMgxpjE1ZiKGs79IoFWgPd9CuWaOK-IUo-_UfCb8Zn-jde8KsRXBZySCQ7DEP7ekt_FVLw&google_hm=Af771BZG2kXKjAF0dt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_tNOsUgUcZzroe_rEHwYYe8FQGaMgxpjE1ZiKGs79IoFWgPd9CuWaOK-IUo-_UfCb8Zn-jde8KsRXBZySCQ7DEP7ekt_FVLw&google_hm=Af771BZG2kXKjAF0dtkWUys
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_tNOsUgUcZzroe_rEHwYYe8FQGaMgxpjE1ZiKGs79IoFWgPd9CuWaOK-IUo-_UfCb8Zn-jde8KsRXBZySCQ7DEP7ekt_FVLw&google_hm=Af771BZG2kXKjAF0dtkWUys
Date
Sat, 01 Oct 2022 01:13:56 GMT
Server
Apache
Connection
keep-alive
Content-Length
233
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 69AF
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMoO1IAUg2TpdvLiL0Wjhw8&google_cver=1&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4An39_fWjZ1e4hUdjjCp5D0vBA&google_hm=WXplVVZNQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4An39_fWjZ1e4hUdjjCp5D0vBA&google_hm=WXplVVZNQ284WVVBQU1tNkxpTUFBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
56
Date
Sat, 01 Oct 2022 01:13:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEMoO1IAUg2TpdvLiL0Wjhw8&google_cver=1&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4An39_fWjZ1e4hUdjjCp5D0vBA","cluster_id":56,"gdpr":false,"ipv4":"173.245.209.22","key":"YzeUVMCo8YUAAMm6LiMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40222"}
X-SO-Key
YzeUVMCo8YUAAMm6LiMAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40222
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9sS-n60vUHHYDYO4P-moNDHSXQ5IWPKwmQXUVZKMCmmixtFZ_0osuUfGBrKdg499efOCAN4An39_fWjZ1e4hUdjjCp5D0vBA&google_hm=WXplVVZNQ284WVVBQU1tNkxpTUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40222.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
5
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
173.245.209.22
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 69AF 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEB4DAw953ZS21Vi-HADg1a8&google_cver=1&google_push=AZmPxg9LdnuWyk8Gc-pD2GRIeujlJIOU1X6kpCUsbOvLXVJyrMSbs1R_EchgsE506hmZrCvppkLuje-4h78D8aWSHmQTpjARk2peew
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 69AF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jum_k1-PHIGWe7XpPOW6iOpJM21hzpOMXwBjIoFXNlhVjwyUktMojYEE7cZPgW1HkbUUCa
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gtr
dsp-ap.eskimi.com/v2/ Frame 62C9 		2 B
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-ap.eskimi.com/v2/gtr?&t=1664586835349
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.11.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.11.120.34.bc.googleusercontent.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
date
Sat, 01 Oct 2022 01:13:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
trv
dsp-trk.eskimi.com/ Frame 62C9 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?coId=&bId=1664586833904.2.YzeUUQANPsMKK2WP_A5GFg&cId=142576&crId=959042&sId=9234388996&pId=1002982288&trve=0&trv=0&trvv=v2&dvt=&dvm=&locid=0&audid=0&prb=6&src=utr&spt=CAIQrev4DRiQl6HeAyABKMAkMAU4CFjCxDpoAXABeAI&_=1664586835356
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
trv
dsp-trk.eskimi.com/ Frame 62C9 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?coId=&bId=1664586833904.2.YzeUUQANPsMKK2WP_A5GFg&cId=142576&crId=959042&sId=9234388996&pId=1002982288&trve=1&trv=0&trvv=v2&dvt=&dvm=&locid=0&audid=0&prb=6&src=utr&spt=CAIQrev4DRiQl6HeAyABKMAkMAU4CFjCxDpoAXABeAI&_=1664586835357
Requested by
Host: 4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
URL: https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 56FD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ugCXnQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2DEF 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:14:35 GMT
x-content-type-options
nosniff
age
14361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 21:14:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 481A 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDwziOTyLn2YBNSDHV_hr0YtfU5FZMIqnhJh4BvEiPPBssGNabhWeGyvxA-swYcDlCH5B4AtO7BjGEdaeK3cCljfROQdCP9g5N77rQge7VoL-w-XQ379DP4llrgbCGaVQbf_NHnMrZ9amYuMPC6e9VfuDlEKelgQ&sai=AMfl-YQS0h4q6kmCzTMamsIHmw39aa8R0H0bdud05fnC41HKDe_6sDE7JvavpHbgAfv5eO8CnLlmzzkzXsyUo9Mqs8GeLqCkds9fhHPsIP5A0V3yYeI3UMcu_WTsnBx7TDA&sig=Cg0ArKJSzJwwnOp_6mTGEAE&cid=CAASFeRo9La6gMfMxxZyaasq1nYc9XtqtA&id=ampim&o=5,300&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=696&tls=1699&g=100&h=100&tt=1699&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB7F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
139547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:28:09 GMT
expires
Fri, 29 Sep 2023 10:28:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 06D2 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
GSE /
Resource Hash
6f8fb6ba4991dd07be9f1cf44ba2656655f8baa1dc39741cd698e406d8378396
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H4Eu0Y_1OaV1-R3aIPWXfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-H4Eu0Y_1OaV1-R3aIPWXfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:56 GMT
expires
Sat, 01 Oct 2022 01:13:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A68A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
139547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 10:28:09 GMT
expires
Fri, 29 Sep 2023 10:28:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3B76 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f106.1e100.net
Software
GSE /
Resource Hash
ca64d780d71b208ac1100062020b51704c3e15925b15d2439c4daf13e589b8b8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wF-8thmp01BRKr94l9iz1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-wF-8thmp01BRKr94l9iz1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 01:13:56 GMT
expires
Sat, 01 Oct 2022 01:13:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 203A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=4056235245441197&bg=!MjGlMXXNAAYQgTJdMIE7ACkAdvg8WmRmqhOHlOH3QQe_0tAyD67m2V3JXp683gdbYSQKwOrnen9TlAIAAABkUgAAAAFoAQcKAEiHibNyeXdE2y4FMjw29W432dSKYiy_VntT_D4Eswk8DIRDELGA5W44ZFlqZysprRiNgutD3cwiZcL3o9uo3Csc3_lfKcM85KmZArunHKQFvwALedE6IZHB23ujwfPVP-4J88pKjF0cZqEA-Qt760YDOwMXSwVrgVFxIeLW5UbJBatavdmpEcc3BkLtCzO8cmCFMtk0tjI1r4e5kemqve-CivnUr7-pGRqRLA6QfIykoncnzTXwPtxH81MnY931HTO0NGE_YBrGeeaKYeh56tXlLSrj_zeKsJ0js1Sshb6BVIwqG88XuUkBy6jvxRb8q7oMQVdrG9LbU3pgN8GLL0kN_JqHt5QrI0CJSGB6M6_XOWMsY4hYFJX7ms_zO7fXGgqm2SMoys4Ntt3AuHPGszWcWOOKj_nnG7x8NSllrWnUDK7enYFHRiNZyWezcIjqE7U9BBg8YT-7HRiOxxqI_YOV4L2r1kOERp9-EOukSKz4hBla7VOVE_O1hbRfVpzDTxVNYodXjtjEPThIZYQTjklZxKMALxI8mxhOCvfgG8CCLCQCPiD5s5-9eucdvypxMYcfQrqJQUp8xUup96POVuf7lLQpY6GIwLkFQratWtq9bWTs4xNFol9wJLZkKjHN1D2I5V5nuEZMY0ZiqwsMS78YO4DQ2w8F51yS8Sn_5yyO1BombcJy66f7qOJYqHEFf0kFQLVy5-WTeBMpX5VAF2-iesjwGeunWhvhWUhzffoIO1y_cWw1EMHvuHVZn5LO7ZNBkn3iPWkMBjCzgJb46DsxU8FOe8l7fnIl6qNczvKUJx4l-k0e5MtD9o5RzWFXaxC06IT7ndunJO1zsVM2KklrBEe0BkY-6rDgiqR6KJC6wN_rr3oLov-OWrczfi3rQvl2nVQQr0oUzfH03-E0uPrvzP5fB6Mn6eZjmXt-l7ZvtUAv1VWQt7X9-6wezu6wb9L_zCjKjDumGBfKYmm_RUIWhwQQjXCcOdpwG8N21Df39TGZsECZlanNY_-wo7iIiu2sNo-cjHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
trv
dsp-trk.eskimi.com/ Frame 62C9 		43 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?coId=&bId=1664586833904.2.YzeUUQANPsMKK2WP_A5GFg&cId=142576&crId=959042&sId=9234388996&pId=1002982288&trve=1&trv=1&trvv=v2&dvt=&dvm=&locid=0&audid=0&prb=6&src=utr&spt=CAIQrev4DRiQl6HeAyABKMAkMAU4CFjCxDpoAXABeAI&_=1664586836386
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.110.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.110.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 06D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=2314726519442788&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3B76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=817492877369404&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame AB7F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame A68A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 01 Oct 2022 01:13:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
486528
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		336 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b76a56ceef748a50323136974997e094f3afa6f316131593dd0772707a49a39d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1494288
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
afd2e660b31a86296f6fbbd5159d6d5651a03f206a5b887b618e83453c98e23b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 31 Oct 2022 01:13:57 GMT
/
onetag-sys.com/usync/ Frame D144 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664586831204
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame FFC0 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.44 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
71456dbfbeaae91e6b16e5e116a17873e3be7cab776a756df4789a46e1aae83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 01:13:57 GMT
expires
Mon, 03 Oct 2022 01:13:57 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 137D 		533 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5b34131d0cb71bfa21f703330a25e70bbd67f0591b61ceaab3f57f26ce547153

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 01 Oct 2022 01:13:56 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame EF0B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
adf902a639dd0b9a6ba4eafa62e86554e3c215338481f1839fc019d720858716

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
459
content-type
text/html; charset=utf-8
date
Sat, 01 Oct 2022 01:13:56 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 8CAD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 01:13:57 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AFB1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.7 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 01:13:57 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 739C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
22737
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 30 Sep 2022 18:55:01 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 246214ef31ed453f8169b5e54f10a176.cloudfront.net (CloudFront)
x-amz-cf-id
cW30_DJ9ioZOeIxQ4bqkjeZSqjhppRSRL5qmhWz0KgMLO39K5X22Uw==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 01FD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70175
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 01 Oct 2022 01:13:56 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4, 65097
X-Served-By
cache-lga21956-LGA, cache-syd10130-SYD
X-Timer
S1664586837.934130,VS0,VE0
g.pixel
aa.agkn.com/adscores/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=955dcabf-9295-4566-a613-1ea5d3830624&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523293851477180124&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523293851477180124&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=0e5ea6d9-f834-449d-9a31-b686758cbb25&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523293851477180124&ssp=adaptmx&gdpr=0&gdpr_consent=
0
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1---
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
us
sync.go.sonobi.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D955dcabf-9295-4566-a613-1ea5d3830624&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3365%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D9...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTNmNTAzZC1iYTc5LTNmYzktOGY4Zi03OGU3YjIyOW...
0
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=955dcabf-9295-4566-a613-1ea5d3830624
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A&gdpr=0&gdpr_consent=
date
Sat, 01 Oct 2022 01:13:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
8343f4948a1e06602c96c09048af2e48.jpg
static.bg3.co/imgs/202105/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8343f4948a1e06602c96c09048af2e48.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f9edb636cdd76e984b19cca7dec48b085f69cd274541172936dbafa6617c79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:57 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:38:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8343F4948A1E06602C96C09048AF2E48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egeUWUw9kxXTMxxzu7%2B44Ys9SvEpQD5fxGxNs93hTsg7nZ9mvEcD8AQHuHT%2FW%2FDzkq5QpWBz13Z2GJUla8e6pBBSWlaB1EVV6nyUBfCDN7i1h1wjVv5Xi%2BIraIh2Q4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
753156b198b7a894-SYD
content-length
49126
expires
Sat, 08 Oct 2022 01:13:56 GMT
generate_204
tpc.googlesyndication.com/ Frame AB7F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ynhd7A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame A68A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tKV1VA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 69C3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:49:26 GMT
xuid
eb2.3lift.com/ Frame EF0B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c6a12ea9-0802-4401-b326-df459f51d8c6&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=c6a12ea9-0802-4401-b326-df459f51d8c6&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 01:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=c6a12ea9-0802-4401-b326-df459f51d8c6&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame EF0B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EF0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGGuuez4JpB7fuhLNLXyurg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGGuuez4JpB7fuhLNLXyurg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 01:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGGuuez4JpB7fuhLNLXyurg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EF0B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE5NzczMTU2MDc3MTkyOTk1MjE1Mw%3D%3D
date
Sat, 01 Oct 2022 01:13:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame EF0B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3197731560771929952153&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3197731560771929952153&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa&_noobservation=1&_expected_cookie=204451f...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa&_noobservation=1&_expected_cookie=204451f66140539a4d080991bedcccdb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 01 Oct 2022 01:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
753156bc08cedfc1-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa&_noobservation=1&_expected_cookie=204451f66140539a4d080991bedcccdb
date
Sat, 01 Oct 2022 01:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
753156bacf7cdfc1-SYD
content-length
0
xuid
eb2.3lift.com/ Frame EF0B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3197731560771929952153&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=681c66064f314273a351bed7aee0feec&ssp=triplelift&bsw_param=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
xuid
eb2.3lift.com/ Frame EF0B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3197731560771929952153?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8drADilE2oRRSbtInTZBVCMggm4VXqdciKOeRW1F3g--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8drADilE2oRRSbtInTZBVCMggm4VXqdciKOeRW1F3g--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 01:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 01 Oct 2022 01:13:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8drADilE2oRRSbtInTZBVCMggm4VXqdciKOeRW1F3g--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame EF0B
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3197731560771929952153
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3197731560771929952153&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3197731560771929952153&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BY5B43WAT6D8EHG4VX5T
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3197731560771929952153&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame EF0B 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3197731560771929952153&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 132F17C83F5045FB9DDD8127439BC93F Ref B: SYD03EDGE1319 Ref C: 2022-10-01T01:13:57Z
etag
"8766f3fc1fc7d81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame EF0B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=2J8WC6rcL5_pnsXlR3Cm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GJFDQV2DGZZGG...
0
0
sd
us-u.openx.net/w/1.0/ Frame 137D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3958530015422089641&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3958530015422089641&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3958530015422089641&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 137D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=518a21fd-3b88-76ea-d5cd-08247c0afc37&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6a12ea9-0802-4401-b326-df459f51d8c6&ttd_puid=518a21fd-3b88-76ea-d5cd-08247c0afc37&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6a12ea9-0802-4401-b326-df459f51d8c6&ttd_puid=518a21fd-3b88-76ea-d5cd-08247c0afc37&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6a12ea9-0802-4401-b326-df459f51d8c6&ttd_puid=518a21fd-3b88-76ea-d5cd-08247c0afc37&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 137D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzeUVMCo8YUAAMm6LiMAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzeUVMCo8YUAAMm6LiMAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 01 Oct 2022 01:13:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":56,"gdpr":false,"ipv4":"173.245.209.22","key":"YzeUVMCo8YUAAMm6LiMAAAAA","privacy_sensitive":false,"uid":"YzeUVMCo8YUAAMm6LiMAAAAA","upstream_id":"a-ad40222"}
X-SO-Key
YzeUVMCo8YUAAMm6LiMAAAAA
X-SO-Upstream-ID
a-ad40222
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40222.dc2p.scaleout.jp
X-SO-UID
YzeUVMCo8YUAAMm6LiMAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.22
X-SO-Cluster-ID
56
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzeUVMCo8YUAAMm6LiMAAAAA
Cache-Control
private
X-SO-Ads-Time
7
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 137D
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa68nuPNZuBIks8ADsaW-xUuHM8AAAGDkRtvAQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa68nuPNZuBIks8ADsaW-xUuHM8AAAGDkRtvAQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
via
1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa68nuPNZuBIks8ADsaW-xUuHM8AAAGDkRtvAQ
cache-control
no-cache
content-length
0
x-amz-cf-id
eaCpe8owyCZktRS0baFPzR39d0YVTVvccw7pV7rGv5SeCIrwkSfEqg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 137D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2RlNWYyMzctZjJmZi0yODRlLWMwMmQtNTI5ZGI2ZTgzMjU3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 137D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXwxKWBUZKXwY9G_P5alg8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXwxKWBUZKXwY9G_P5alg8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGXwxKWBUZKXwY9G_P5alg8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 62C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEU_tObpiZt03vo0DUUQKdttRxPuqCwjd8Xpey_V2Rc38jkNA6S9KKcQDmts53koVPWqYY4-7JwBie3NJbrDjnFrMt&sig=Cg0ArKJSzCDrEE9M5bnREAE&cid=CAASFeRoljttzG-6wnhOOyNUT6hvVxR8xg&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664586834281&rpt=1667&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 01FD 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:57 GMT
AN-X-Request-Uuid
3be307ec-66e2-491d-8e8f-419b90c1f4cd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 37B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=2314726519442788&bg=!YmGlYSXNAAYQgTJdMIE7ACkAdvg8WsAA19AByMsSh4jmEFCYqLfom8_e6b1g5H_ZN1nkp4pNzietlAIAAACbUgAAAAJoAQcKALXRC3DKVqCEeYfpjV01NwQB_ohxdqjYvPsBkM8zPaEUZdrdlUa0pFrLRdzkk61SkVlOd9FO3z3f3JT4aYkrhcpz1TJRlBWcE4ABOvgClecJo2pPJFcgLnE-uzssz4wyMg-S27WCN1aQuZmbYOlqz-vjinGoT2Nc4ucwGXEE29iZ37mXncJ_ey21w180XUe-mkt-EMmyF-R-w9Mp6e_EzVLF_aM2101y5-JPnM4iN_VqxsuwfyRkmQLSRcRUvsjfe9cKGMOq0b20gNl3qFWoJMEO8J4He_DULVIzw4lybZy3us28y7UFi5HyPmsbhtuNk_hKeRs_L1sp5QFI7RZyufX02_WoGrTzuRxKrTx28A9i9UV8glC2gZHakV9vfmSN0kOEjBoRBvkQs7v7tTtZwxbGpyJVHTJ4z1J9WP1YxKJZdqsjde3CCVBlfyJ1CquwtEXSFusrpfKPDbnVdCGbbmOSDBRuXL75ZpovaPbDi_XgZrQ3qGiaMR4VhnyTyheJRHQRYUUYzy0X75KkZdqBYOh0ac9MNuKUv9C3gUzXaPeW_-12ip13vE9wyWRfubDQecq425_A8okImPGFM14-2B2RaMnzPXoOrDFJbeZ2n5dobnyy_V_Ja5xLEHhHSMWCaJEYqc9TSL8nfMNVn8tC17lXLcw7k2zamlCsyew_xbifv5wBTbR-76xkhNiobhBpVBJ1hcRlu01b4KK4PV97tMqFlEsWcfUOSVB55uoqwMY8cZIDV5Dcofj94hoTcoBHTg4B6wvymeV5ZvrZ1047AUPL3HXUFI0UhJd1txAjkfGm6hiprwCifFH3-fdAqqRIhEXzINKvVw2NTRm4mCqhCps3_D-1BWZKbRGevP0vFZ8YEAwgxyAMV9roy90PxXYIFj3EZhwe4PBZmqC_fvSY2ugIjtKvjTOLcyvUau02sBSujUt3pqwuZUx10HEagtRFToPaxCD4mKrjiMqadnkgrxc8qPpWWqAA9UO-6Bk8woMqp56cfUMLw9XrwXQteX2YeX7_J8s_x6woJzJG_ZzIU1eQxxP6dgYcvboiq0g5G_LQ66jGGNrbeuZeFl-dNjp32Re18gwJN5sWe7ssZg-kz7CioczrO9CopZGbwJjKUJOXtFf6aV2Ec5l50C4LLpbOtda0gUcCeX0FUAFLmwh6yiLaaSerngPvGzIQqo_-t4TavkF2lfRJ7ykyuSg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7118 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=817492877369404&bg=!RkWlRQHNAAYQgTJdMIE7ACkAdvg8Wkx4atotk4KuJoY6I4XKH8LT_vNnSvQCc3_XDoNr7ORS6m6dxAIAAACJUgAAAAJoAQcKAGF5xTo0gzerM_Hp_c7ZnR94Auofyzro5msSuJfnl6o1gi7FU9l-18M8As9my7A4J85Hzfl-zjyiFtQf6yuHV8CRHMVMK3Pz2SeIfzcMTCRV6ihhxqcD_QEPsuzImwkjLzYimQK3HmZqeO-hDFv2H12XRP-PlsycvhaWD3sMSphwQz-gTSvvx5EgsDYurNkoyztTNfNmISg7EFDGEGwQi9aY8M0AEFROEAL7DiagL7r290jbCRgqpDg3Bs5SnGgPSCbzsZgBJErHm5dNPI3mQZo5es3Xv9AU6cS-WAeSySTxRzDOTXMMkVeS7SZaXs__4oC2mY_Cg2D8rYgiE0dznspTNCHl5cyndeJL0_NnwBYORmXw81hxxnMgVR0LjHEuqQJdKb-KjsQff0Z128P_XkRZoarlNi45sSxgcO1emztY09DhOn5l1HR_Jg5Z_whn8Z6jIEZWTlOpSSTHp_QjCqh92tVzMGsLqqf4keTv4qrQvSbw4LrGjp3Hk70Lr0JZZ-JLz_ObHZhGNivsC_s1X-RahiI5f0zAgEEl0H0BZL_7YGzlAGKA3FY06S5tpOlnFv71w9zqoRwvTEdsqgi1HwtArs4AHiZkIzHugYq0viPLRKkpO5FKH4G3DKzkj1VJy9XU--j3lKevyBuyTVo2URVWhYuWXQgG3nTZOXXzrrm23VcXBss6HVTSYpFqC29z5Ed3KO-y3d6X6UG0kCFwaQmb1ELdej9zeK7tJwZmicWLROz5UvOANQQTSUzi2PMwPq9QKNTqGp9ZuPfWxAooOwploVfrtOaqERCqcTQO7xJX63UVy6L9sPMZ2S5BTwy1foeCbkz6Qwp3KicLTMACPBR9LonpumCKFEA_-X-t0F3ESfIR3gB-tTvebNrgymt3Kn8ZYfk8Cp0klX9gWCd6VXO0EH28AhUqv4IwhEQ3iSoJME8tyNXggL-cH61xTY33mweL7DQEnOwut3CtYE7uSWj9XjAozMm013leZ3X5vCjaavRB4-qJ_hTpUhOIT4nDYGjcROYm2Fy_HhBj10ShTsL-FmpV8iyQXoCjvGo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 8CAD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a990c1548dfa09adfa38710df97525b6952b8146dd58b0f2793eb339fa29a901

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 01:13:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85918
Connection
keep-alive
Content-Length
9422
Expires
Sun, 02 Oct 2022 01:05:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CC20 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac6b85de0e8e69156c4a400ef1e15806c9098fd8c9174823d307abdfe1eb0ac

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
753156bacf5fa831-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 01:13:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRjsIefClc%2BaSlVzea4umGe8tKZpNW834aCuslLJT8GG7B8qVFUNC%2Bb8%2FNzy%2B62GmDgeeybDmv%2FMpsbgNIiLLEX24lCwIJwtVfcPq7NQuKyXYKqvBLSJn2qFcw%2BxwbsoNtjtCUgmBlcCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
gum.criteo.com/ Frame FFC0 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
524039
expires
60
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 9668 		0
0
cm
p.rfihub.com/ Frame 883A 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF80 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dpba%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=127286
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 01:13:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 02 Oct 2022 12:35:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame FFC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dapx%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=apx&refUrl=&vid=45868378503075884366821446000V10&ovsid=5395455281270982228
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=apx&refUrl=&vid=45868378503075884366821446000V10&ovsid=5395455281270982228
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 01:13:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 01:13:58 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:57 GMT
AN-X-Request-Uuid
2fce99eb-656c-4896-a053-76410992ba3f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=apx&refUrl=&vid=45868378503075884366821446000V10&ovsid=5395455281270982228
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame FFC0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3075884366821446...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3075884366821446000V10&type=opx&refUrl=&vid=45868378503075884366821446000V10&ovsid=99a64862-9088-4c0a-b682-764acee56eeb
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3075884366821446000V10&type=opx&refUrl=&vid=45868378503075884366821446000V10&ovsid=99a64862-9088-4c0a-b682-764acee56eeb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 01:13:58 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 01:13:58 GMT

Redirect headers

date
Sat, 01 Oct 2022 01:13:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3075884366821446000V10&type=opx&refUrl=&vid=45868378503075884366821446000V10&ovsid=99a64862-9088-4c0a-b682-764acee56eeb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame FFC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dmma%26refUrl%3D%26vid%3D458683785030758843668214...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=mma&refUrl=&vid=45868378503075884366821446000V10&ovsid=2d586337-9456-4200-87db-9d514c7b31d6
0
0
RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
sync.targeting.unrulymedia.com/csync/ Frame FFC0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dr1%26refUrl%3D%26vid%3D45868378503075884366...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dr1%26refUrl%3D%26vid%3D45868378503075...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3704468924
  • https://sync.1rx.io/usersync/tradedesk/c6a12ea9-0802-4401-b326-df459f51d8c6
  • https://sync.targeting.unrulymedia.com/csync/RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
0
0
cksync.php
contextual.media.net/ Frame FFC0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45868378503075884366821...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45868378503075884...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=dxu&refUrl=&vid=45868378503075884366821446000V10&ovsid=Re5EDc1x1OEr4O5
0
0
usersync.aspx
dis.criteo.com/dis/ Frame FFC0 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
116408
expires
Sat, 01 Oct 2022 00:00:00 GMT
bidswitch
event.clientgear.com/cookie/ Frame FFC0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96
0
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame FFC0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Dzem%26refUrl%3D%26vid%3D45868378503075884366821446...
  • https://stags.bluekai.com/site/23178?id=2J8WC6rcL5_pnsXlR3Cm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJSJI4FOQZWOJRUYNK7OBXHGWDMKIZUG...
0
0
sync
rtb.mfadsrvr.com/ Frame FFC0 		0
0
um
cs.emxdgt.com/ Frame FFC0 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Demx%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.45.231 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame FFC0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6a12ea9-0802-4401-b326-df459f51d8c6
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6a12ea9-0802-4401-b326-df459f51d8c6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:58 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 01 Oct 2022 01:13:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6a12ea9-0802-4401-b326-df459f51d8c6
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
activeview
pagead2.googlesyndication.com/pcs/ Frame 2DEF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssP50b0Uq23v6Bg58fQzefBb8PYX_Jyyv541odf_uZ9Lkqco_n46W9MqwDRzR8F0tfAbJWdYVcYIClsCmVKuG5Tp1B9QJIFmyfJhBF_bV5nxWrsI2wY2F8B5SBKj__pEIqHxha3hohiDl3MDnL1uBoiSadWaJSM1DBlqRsSJYzwwTLS6WAx_Wt1CbfrEvWhCKndlwQONwdwDWHGKha9XOKylaOeMTAbSLl4YSgsE8JDTJvA5K2Ug66sjDBHJ1qYoLqOZC4Nx9-dYNOhvX-MJhy1OzOdWqPh8prcLhwMEDfcsr8WyRv_BodbSl9xzfgdcBzxnqP5Sd-Ka7lDNx4QV1AxnRLViF37n71MK7Fhd5SSP5gVtdTfaqEhfPRNQdeOYd1aq8ePXcDkgSPi8axGp97guFfkcf4sVGtyoEvmjLW3kLVNxc3RGtil1bEsMMs36adi76gHx-uHCGd5pqwmSDaCOvx9KTYRFmwW1HVf_UTvGCnSuiBdVu9zm4I-cQ9U4p65dor_IS3IsTnBzP3E22-cdNfXGdxMYQxIp7YhLXx89qDsaRfWSwVa75dxptAfCU7CkpDR1HN0y8eRZaAaynpWcbJnM4J85k9ImnVSFELhAPevZJZF5QwFdWPZVORZwAEIUBdZxsBXy9QpMHiwh-LUp56QHv7kKBjWU0bksw87fC-YZnjziNishW-Y5r5noAI9loCENuwJLnYhktMIf-aZHVilYn_G1qh-PQ-QTBEPB5NIuT_uXH8wYhkV_WIZ7WXArGCqNtSvB9WDRJQiGWIKtos52iPfxDJwqWjN6thtmlbgjDPRweV6kBpB41NyjdzU0Ds1VEbFe6sf6lRRxKm3p_4y7oiEgHel3qsjemu_iw4aFnHGtywkeZqv0fLNfRt8ErMq4zVuH2HeqcZ0p0n43JFX_U_vMfG2AsIwuvBE2s_3WOhoE5C6OCn0PgESyykGjK6qO3AvGOtaTbeDt2xghVMp-SQz-mv45q9B1qYrTLy-ZYiK0a8nk_tEE2poKVWtskFqlRdnXTcy8Wj5OHWpROawQ5TdAuDp0aj3550aYgJubaazHwXWHoPImgkSXFuygZ-RKfjFvLwmaZaE0IQyamZAoVcG6qyM7sq4JwlDONICwY44HacO6Eg3qI0fsmU79wb396gJNRfIwGG1x4bfN-U8bzygK9uZ04rA7UuOUmtgF09cwX2xaYTCJzxMXBoKFr6QHzahqTq6jlfQIkQHk8GXSmwoeA0c7kZJOVdge601VgYkxrjyAFMUpoUMWKB7rYIBt0cMQgL7bvZ2WgJVXVvhy2UuRn4leWuNORQ60vjJP_V2IaLoMkgkR01vBDCYf8ArVyIdyaHc1H_3&sai=AMfl-YR0oZ8pzruFWQ7gHSy_YQe0Lx6I1xfm7b5BUF2xryVjB5nimlkAdnljZJ05FwbfXQKOt_bRisKpfzRl8wGamnYwnIRK4L9O3jP4K0sqDNJcu7ffgX1FMu9WktYwxnMz20NAv2yJ_M-EUG6v&sig=Cg0ArKJSzDTAAokzxXCwEAE&cid=CAASFeRokxTY1_ftiIYmhlfYEKAyTmxWIQ&id=lidar2&mcvt=1028&p=1110,436,1200,1164&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664586834392&rpt=2438&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8CAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HR6Jgn4qsdcjCIkk0cistw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4219349577304337726
0
0
ecm3
s.amazon-adsystem.com/ Frame 8CAD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HPk7ptGbRhq7wcXFykBiKQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HPk7ptGbRhq7wcXFykBiKQ
0
0
setuid
px.ads.linkedin.com/ Frame 8CAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8P80RCH-J-KIWN
0
0
tap.php
pixel.rubiconproject.com/ Frame 8CAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHn7SkjO2ICikmVmnxgUmuc&google_cver=1
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHn7SkjO2ICikmVmnxgUmuc&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHn7SkjO2ICikmVmnxgUmuc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8CAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQODBSQ0gtSi1LSVdO
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQODBSQ0gtSi1LSVdO
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQODBSQ0gtSi1LSVdO
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8CAD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8CAD 		0
0
pixel
cm.g.doubleclick.net/ Frame 8CAD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2M3YmRhYjkzNWJjOTNjMWE0MGViNGYwY2M3YTRkODg2ZGU5ZWQzNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2M3YmRhYjkzNWJjOTNjMWE0MGViNGYwY2M3YTRkODg2ZGU5ZWQzNQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2M3YmRhYjkzNWJjOTNjMWE0MGViNGYwY2M3YTRkODg2ZGU5ZWQzNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9s0&_p=222&cid=2133585900.1664586833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664586832&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-rou-sou-tiao-wen-zheng-mei-jing-xie-mi-shi-shang-jie-bu-neng-shuo-de-xian-shou-mi-ji.html&dt=%E7%B6%B2%E5%8F%8B%E8%82%89%E6%90%9C%E3%80%8C%E6%A2%9D%E7%B4%8B%E6%AD%A3%E5%A6%B9%E3%80%8D%E3%80%80%E7%AB%9F%E6%B3%84%E5%AF%86%E6%99%82%E5%B0%9A%E7%95%8C%E4%B8%8D%E8%83%BD%E8%AA%AA%E7%9A%84%E9%A1%AF%E7%98%A6%E7%A7%98%E6%8A%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 01FD 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:58 GMT
AN-X-Request-Uuid
7effea83-7c9b-4af8-8ce7-1c8f99623f53
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F1A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=127286
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 01:13:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 02 Oct 2022 12:35:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 9EC1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.33.212 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d7a22b50e92f9673c79981c053949983b406f3d29248617af8175fa02c27f6b0

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 01 Oct 2022 01:13:58 GMT
etag
W/"09c89db3d9d40e7bb73c87399c38eda6d"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 1D96 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 0141 		844 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
36baab59eadf0a6a85a6d2fafd46afad2e41f78418a6b7b0beff423edc8454fc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
844
content-type
text/html
date
Sat, 01 Oct 2022 01:13:58 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 44F2 		2 KB
939 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6519a65cdf8997d35f9d12400675c7f2b66dba5317f2939a7e5d51cf9dc41fb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
753156badf70a831-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 01:13:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgDmUJDrx3s5NgB32F9kn2ExAB4ZveXg0%2BlHnS7yIKW9w4CLNf3FMwp%2FwEKfvH%2FEbQOBHMUrEQqHCI7RdrnaUUUBlT1sNNGcWN8pwT%2BR2Z0wf4G21Jvi0hgwuY89DCUNUAsN8CmkGOUuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame E4A7 		0
0
setuid
x.yieldlift.com/ Frame 739C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame 739C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5395455281270982228
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5395455281270982228
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:58 GMT
AN-X-Request-Uuid
be8aad6b-8c63-425f-9fed-d0bff2cada51
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=5395455281270982228
Connection
keep-alive
X-Proxy-Origin
173.245.209.22; 173.245.209.22; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 739C
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
0
pixel
ap.lijit.com/ Frame 739C
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
0
0
getuid
x.yieldlift.com/ Frame 739C 		0
0
RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
sync.targeting.unrulymedia.com/csync/ Frame 739C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664586838343
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=696867815
  • https://sync.1rx.io/usersync/tradedesk/c6a12ea9-0802-4401-b326-df459f51d8c6
  • https://sync.targeting.unrulymedia.com/csync/RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
0
0
cm
p.rfihub.com/ Frame 739C 		0
0
usa
sync.go.sonobi.com/ Frame 739C 		0
0
2997
prebid.a-mo.net/cchain/1/ Frame 739C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F2997%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D955dcabf-9295-4566-a613-1ea5d3830624%26bidder%3Dappnexus%26cbx%3...
  • https://prebid.a-mo.net/cchain/1/2997?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=955dcabf-9295-4566-a613-1ea5d3830624&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
0
0
sync
ads.servenobid.com/ Frame 739C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
date
Sat, 01 Oct 2022 01:13:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 739C
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTNmNTAzZC1iYTc5LTNmYzktOGY4Zi03OGU3YjIyOW...
0
0
sync
ads.servenobid.com/ Frame 739C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-r_IRKO9E2uHn4WUEXw9CcqDB0HwntFWxajnjxhk-~A
date
Sat, 01 Oct 2022 01:13:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame CC20
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6a12ea9-0802-4401-b326-df459f51d8c6&expiration=1667178838&gdpr=0&gdpr_consent=
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6a12ea9-0802-4401-b326-df459f51d8c6&expiration=1667178838&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGEYqOi0PsYPlOQlpvRXIVIZl42ha%2BeRj9bizgJaPP9OB0X1BjchJrlkotJrazfiNplc5GHtCh297cc9KkcXhtS5TAiZa5ItxDCUxaBa41GWcJaLYcxRNXG4BnCZOjWz5SsyzHpVzh%2F5Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
753156bd6946a829-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6a12ea9-0802-4401-b326-df459f51d8c6&expiration=1667178838&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame CC20 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 01:13:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0ZAPXM2V5GHCZFVP7R52
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CC20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE2uDi9piVLW6huH_z5VE24&google_cver=1
0
0
YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CC20 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.219.108 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-219-108.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame CC20
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3958530015422089641
0
0
rum
dsum-sec.casalemedia.com/ Frame CC20
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e912d065-1c79-967a-9863c063
0
0
/
csync.loopme.me/ Frame CC20 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.172.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
753156bd7b91a894-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CC20
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.255.219.108 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-219-108.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
date
Sat, 01 Oct 2022 01:13:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame CC20 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzeUUWU-BsXtuw7mpk8XoQAA%264698
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 01:13:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
102
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
753156be2f80a80d-SYD
content-length
43
expires
Sat, 01 Oct 2022 05:13:58 GMT
getuid
secure.adnxs.com/ Frame 44F2 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 44F2 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664586839.741706,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-syd10174-SYD
ie
match.prod.bidr.io/cookie-sync/ Frame 44F2 		0
0
crum
dsum-sec.casalemedia.com/ Frame 44F2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc8e6337-9456-4200-9cde-6c4d6760c400
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 44F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE2uDi9piVLW6huH_z5VE24&google_cver=1
0
0
crum
dsum.casalemedia.com/ Frame 44F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5395455281270982228
0
0
rum
dsum-sec.casalemedia.com/ Frame 44F2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3958530015422089641
0
0
ibs:dpid=23728&dpuuid=YzeUUWU-BsXtuw7mpk8XoQAA%264698
dpm.demdex.net/ Frame 44F2 		0
0
sync
ads.servenobid.com/ Frame 44F2 		0
0
sync
ads.servenobid.com/ Frame 0141 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 0141
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=
0
0
/
csync.loopme.me/ Frame 0141 		0
0
match
c1.adform.net/serving/cookie/ Frame 0141 		0
0
gjIEMT18
sync-tm.everesttech.net/upi/pid/ Frame 0141 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Sat, 01 Oct 2022 01:13:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664586839.819521,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-syd10174-SYD
getuid
secure.adnxs.com/ Frame 9EC1 		0
0
sync
x.bidswitch.net/ Frame 9EC1 		0
0
redirectObuid
sync.outbrain.com/ Frame 9EC1 		0
0
cm
us-u.openx.net/w/1.0/ Frame 9EC1 		0
0
sync
sync.srv.stackadapt.com/ Frame 9EC1 		0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 9EC1 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 9EC1 		0
0
services
sync.technoratimedia.com/ Frame 9EC1 		0
0
142
match.deepintent.com/usersync/ Frame 9EC1 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame 9EC1 		0
0
server_match
ad.360yield.com/ Frame 9EC1 		0
0
floor6
sync.1rx.io/usersync2/ Frame 9EC1 		0
0
rtset
bh.contextweb.com/bh/ Frame 9EC1 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 9EC1 		0
0
sync
ads.servenobid.com/ Frame 9EC1 		0
0
img
sync.mathtag.com/sync/ Frame A9E8 		0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 3EF3 		0
0
pixel
cm.g.doubleclick.net/ Frame 249D 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD7E 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 5B85 		0
0
um
cs.emxdgt.com/ Frame BBE7 		0
0
idsync
tg.socdm.com/aux/ Frame 95E1 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 97F5 		0
0
cm-notify
creativecdn.com/ Frame 0512 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame E592 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame EF80 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523293851477180124&ssp=adaptmx&gdpr=0&gdpr_consent=
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTNmNTAzZC1iYTc5LTNmYzktOGY4Zi03OGU3YjIyOWNiNzcqpAJodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzY1P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MS0tLSZBPTk1NWRjYWJmLTkyOTUtNDU2Ni1hNjEzLTFlYTVkMzgzMDYyNCZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTlwWWk1aFpHNTRjeTVqYjIwdmNISmxZbWxrTDNObGRIVnBaRDlpYVdSa1pYSTlZVzE0Sm5WcFpEMDVOVFZrWTJGaVppMDVNamsxTFRRMU5qWXRZVFl4TXkweFpXRTFaRE00TXpBMk1qUSUzRCZ1aWQ9dWEtMDEzZjUwM2QtYmE3OS0zZmM5LThmOGYtNzhlN2IyMjljYjc3MgESOAE=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2409&xuid=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GJFDQV2DGZZGGTBVL5YG442YNRJDGQ3N
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3075884366821446000V10%26type%3Drkt%26refUrl%3D%26vid%3D45868378503075884366821446000V10%26ovsid%3D%7Buserid%7D
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=mma&refUrl=&vid=45868378503075884366821446000V10&ovsid=2d586337-9456-4200-87db-9d514c7b31d6
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3075884366821446000V10&type=dxu&refUrl=&vid=45868378503075884366821446000V10&ovsid=Re5EDc1x1OEr4O5
Domain
event.clientgear.com
URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJSJI4FOQZWOJRUYNK7OBXHGWDMKIZUG3JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DKOBWHAZTOOBVGAZTANZVHA4DIMZWGY4DEMJUGQ3DAMBQKYYTAJTWONUWIPJTGA3TKOBYGQZTMNRYGIYTINBWGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3075884366821446000V10
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4219349577304337726
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HPk7ptGbRhq7wcXFykBiKQ
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8P80RCH-J-KIWN
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8P80RCH-J-KIWN&gdpr=0&us_privacy=1YN-
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e79fdd6-14f2-4e5c-a891-97161b679d81-004
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/1/2997?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=955dcabf-9295-4566-a613-1ea5d3830624&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=5395455281270982228
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTNmNTAzZC1iYTc5LTNmYzktOGY4Zi03OGU3YjIyOWNiNzcqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMDEzZjUwM2QtYmE3OS0zZmM5LThmOGYtNzhlN2IyMjljYjc3MgESOAE=
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE2uDi9piVLW6huH_z5VE24&google_cver=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3958530015422089641
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e912d065-1c79-967a-9863c063
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc8e6337-9456-4200-9cde-6c4d6760c400
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE2uDi9piVLW6huH_z5VE24&google_cver=1
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5395455281270982228
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3958530015422089641
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YzeUUWU-BsXtuw7mpk8XoQAA%264698?gdpr_consent=&us_privacy=&gdpr=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=333&uid=YzeUUWU_BsXtuw7mpk8XoQAAEloAAAAB
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=317&uid=4440015737889737043&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c6a12ea9-0802-4401-b326-df459f51d8c6&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_b48f6638-0ab5-4956-b3b8-8620b637a3b3&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=a_b48f6638-0ab5-4956-b3b8-8620b637a3b3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_b48f6638-0ab5-4956-b3b8-8620b637a3b3
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9iNDhmNjYzOC0wYWI1LTQ5NTYtYjNiOC04NjIwYjYzN2EzYjM=&gdpr=0&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98869111&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

81 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQmNbtiLkwCgoIgQIQmNbtiLkwCgoI4gEQmNbtiLkwCgoI5gEQmNbtiLkwCgoIhwIQmNbtiLkwCgkICRCY1u2IuTAKCQg6EJjW7Yi5MAoJCAsQmNbtiLkwCgoIjAIQmNbtiLkwCgkIXxCY1u2IuTA=
.aralego.com/ Name: sspid
Value: 240c2bfa-218f-3585-8e25-5edf309bd79d
www.bg3.co/ Name: __AP_SESSION__
Value: 348cc054-d552-49ef-b2d7-611ee794a2fc
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 4e8b0610-4126-11ed-b09d-002248598f1f
.adpushup.com/ Name: ap_usid
Value: 4e8b0611-4126-11ed-b09d-002248598f1f
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 82261ea4-920f-491d-8f1b-c0cc182dcfca
.openx.net/ Name: i
Value: 82261ea4-920f-491d-8f1b-c0cc182dcfca|1664586830
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwz6jemQY4AUABSAEQz6jemQYYAA..
.adnxs.com/ Name: uuid2
Value: 5395455281270982228
.omnitagjs.com/ Name: ayl_visitor
Value: 7d5a4dc02206ffb6f79f3cf62b418f7a
.rubiconproject.com/ Name: khaos
Value: L8P80RCH-J-KIWN
.prebid.a-mo.net/ Name: __amc
Value: 1_1664586831_1664586831
.a-mo.net/ Name: amuid2
Value: 955dcabf-9295-4566-a613-1ea5d3830624
.prebid.a-mo.net/ Name: sd_amuid2
Value: 955dcabf-9295-4566-a613-1ea5d3830624
.bg3.co/ Name: __gpi
Value: UID=00000a14fe983117:T=1664586831:RT=1664586831:S=ALNI_MZUIdC-nSMO06d8HSKmosqEr5FxcQ
www.bg3.co/ Name: qcSxc
Value: 1664586832017
.doubleclick.net/ Name: IDE
Value: AHWqTUlLKXgPfdsH1H4x7OQv5dU83sd0jnGePXcRRaUAapu4rPCDML4V9euwBXo8vCw
.quantserve.com/ Name: mc
Value: 63379450-1bf5e-9392a-36ac3
.bg3.co/ Name: __qca
Value: P0-1171770421-1664586832014
.teads.tv/ Name: tt_viewer
Value: 84ff362d-9de7-4400-b833-0bec4773c700
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1664586832.1.0.1664586832.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.2133585900.1664586833
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: b0aef428-3672-4ab0-bfd5-646b539f6d4f
.eskimi.com/ Name: __eP
Value: 1
.rmp.rakuten.com/ Name: Rp
Value: 60c71746f0f2099b34351b1f8101633794515e9eed2e7cff
.spotxchange.com/ Name: audience
Value: 50c7c4ac-4126-11ed-8f56-1e0b86f70507
.casalemedia.com/ Name: CMPS
Value: 4777
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVKnm#G[!]tbPl1M>e)ZlrFUfJ+tGXxoDORH[0@p5*MRmPL6XwvY1AfIF4Zsk/HuPcc(3If)y3KL9D3I?+@fZO`7
.bg3.co/ Name: __gads
Value: ID=a67b129afc15d647:T=1664586831:S=ALNI_MZvXdrcP2pK2Vz8N6DY_H_8N0BNtw
a4p.adpartner.pro/ Name: apuid
Value: d1105812-c3cc-4ae6-9250-62f5ff58c997
a4p.adpartner.pro/ Name: buyeruid_27
Value: b0aef428-3672-4ab0-bfd5-646b539f6d4f
.bidswitch.net/ Name: c
Value: 1664586834
.bidswitch.net/ Name: tuuid_lu
Value: 1664586834
.casalemedia.com/ Name: CMID
Value: YzeUUWU-BsXtuw7mpk8XoQAA
.casalemedia.com/ Name: CMTS
Value: 4726
.casalemedia.com/ Name: CMPRO
Value: 4698
.3lift.com/ Name: tluid
Value: 3197731560771929952153
.yahoo.com/ Name: A3
Value: d=AQABBFKUN2MCEKf6Sampn6VvTiRCy0QPCQ4FEgEBAQHlOGNBYwAAAAAA_eMAAA&S=AQAAAgTPFkmOzdHSshh37o9oht4
.sharethrough.com/ Name: stx_user_id
Value: 54cb139e-5c54-4b77-90d0-11a09ce7915c
.bidswitch.net/ Name: tuuid
Value: dbef99bc-cfb4-4b0e-b2eb-45cd8ccdae96
.bidswitch.net/ Name: google_push
Value: AZmPxg-pm1wdLUmqdeqqvJY47-M70DXeQrNn08UtLhrSbwQZdEi0xJB0mjIhFwPpmHPp3q4ATZSpBw8JieSNRKimj21vW9Hpzx8tEg
.yahoo.co.jp/ Name: XA
Value: b9ig239hjf52i&sd=B&t=1664586834&u=1664586834&v=1
.yahoo.co.jp/ Name: XB
Value: b9ig239hjf52i&b=3&s=e2
.mediago.io/ Name: __mguid_
Value: 8314b548dc913210255be567e4187628
.inmobi.com/ Name: idsp_c
Value: 6b679f80-c4d8-4ad9-8f14-43ac356d8eb4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: ECIBCQGdJ4EA
.adsrvr.org/ Name: TDID
Value: c6a12ea9-0802-4401-b326-df459f51d8c6
.dap.fw-ad.jp/ Name: user
Value: 697b5f67-d72d-3298-85a5-527c07755a52
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1664586836002000
.media.net/ Name: visitor-id
Value: 3075884366821446000V10
.media.net/ Name: data-g
Value: CAESEIyhIrW4scNHFNBct8AjFIw~~3
.reemo-ad.jp/ Name: deviceIdentifier
Value: gegSwoYdQKDQcUtEzFJzayTyrlfzyDhn
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.socdm.com/ Name: SOC
Value: YzeUVMCo8YUAAMm6LiMAAAAA
.uncn.jp/ Name: t
Value: v_fefbd416-46da-45ca-8c01-7476d916532b
.zemanta.com/ Name: zuid
Value: 2J8WC6rcL5_pnsXlR3Cm
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22c6a12ea9-0802-4401-b326-df459f51d8c6%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-01T01%3A13%3A57%22%7D
.openx.net/ Name: pd
Value: v2|1664586836|jElYiuvOiahI
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLuF5NPyjSp67UyebV3a1stgxoxpldADKJ2VKQdthl3RytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27gp:196y~27gp"
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIxJSY6YfVkTsQBRgFIAIoAjILCNyvhJSe1ZE7EAU4AQ..
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|c6a12ea9-0802-4401-b326-df459f51d8c6|1664586837076285
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY0NTg2ODM2fQ
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.bing.com/ Name: MUID
Value: 0CA297CAEB046C4826C785FAEA366DFF
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: li_sugr
Value: 2ecf762e-b0e3-409c-83fb-4e0e1e6c1faa
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&05f25e0d-f9f6-4fea-8e99-d57030368939"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2595:u=1:x=1:i=1664586837:t=1664673237:v=2:sig=AQHNo2-9GJeJX3FClujr1eIkIds_NIWj"
.mookie1.com/ Name: id
Value: 10523293851477180124
.mookie1.com/ Name: mdata
Value: 1|10523293851477180124|1664586837468
.mookie1.com/ Name: ov
Value: 6796fb4777d0de6bc6191fdc878ea9d7
.ladsp.com/ Name: cr
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/42753/L2Evd2FuZy15b3Utcm91LXNvdS10aWFvLXdlbi16aGVuZy1tZWktamluZy14aWUtbWktc2hpLXNoYW5nLWppZS1idS1uZW5nLXNodW8tZGUteGlhbi1zaG91LW1pLWppLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOQZwu5LOTbbaQpviXZbQnw&google_cver=1&google_push=AZmPxg9mnEXSb-aNwuHmJCr12RoKRzAl6v4Zr4RdSTfASBDKUqRx4MAVE6G3RNo7UEyrRjwFnqdaT2JNW6xTUtmSW6ROECuHF8GciRs
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f80241080ab424386abcb6f7a118447.safeframe.googlesyndication.com
4693376e08be2b7385bda50e9ac74573.safeframe.googlesyndication.com
a.teads.tv
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
cdn-europe.eskimi.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d-24636870792853334319.ampproject.net
d3351484448a30a57e9d9ce6d5718687.safeframe.googlesyndication.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
ds.uncn.jp
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gdn.socdm.com
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mweb.ck.inmobi.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s-cs.rmp.rakuten.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.dsp.reemo-ad.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
v9999.adv.admeme.net
win.eskimi.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
c1.adform.net
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
csync.loopme.me
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
event.clientgear.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
p.rfihub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
us-u.openx.net
x.bidswitch.net
x.yieldlift.com
103.229.10.211
103.254.153.160
103.71.26.125
104.16.89.20
104.18.101.194
104.18.12.76
104.18.18.126
104.18.19.126
104.19.172.108
104.21.91.120
104.211.156.162
104.254.151.68
104.26.3.91
104.26.5.103
104.45.178.220
124.146.215.52
13.107.21.200
13.107.42.14
13.115.99.16
13.227.254.11
13.227.254.126
13.227.254.74
13.227.254.91
13.228.253.200
13.76.45.37
130.211.27.62
139.99.63.197
142.250.4.148
142.250.4.155
142.250.4.156
142.251.10.154
142.251.10.94
142.251.12.113
142.251.12.155
142.251.12.156
142.251.12.97
145.40.88.5
15.197.193.217
150.95.47.242
151.101.193.108
151.101.194.49
172.217.194.106
172.217.194.132
172.217.194.94
172.217.194.95
18.176.15.61
18.179.72.109
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
182.22.24.252
184.51.240.213
184.51.241.7
202.241.208.3
209.54.182.161
209.58.188.181
23.106.127.164
23.50.118.44
23.50.119.72
23.75.85.227
3.114.61.6
34.107.148.139
34.120.11.34
34.120.110.45
34.236.45.231
34.253.177.61
34.95.81.88
35.186.253.211
35.208.249.213
35.213.109.249
35.213.12.39
35.213.57.6
35.244.159.8
35.71.178.8
42.99.140.144
42.99.140.161
50.116.239.135
51.79.234.101
51.83.220.94
52.41.101.164
52.74.13.196
52.84.45.81
54.178.150.250
54.199.33.212
54.255.219.108
54.255.75.208
69.16.175.10
69.173.158.64
69.173.158.65
70.42.32.95
74.125.130.157
74.125.200.154
74.125.24.132
74.125.24.157
74.125.24.94
84.17.37.44
96.17.188.24
003a837d00aaec93f7c895b72430c56dd6ec0df5fa6e1b4646b363f941112c71
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d2c46e3668e6cd22cd4abbf6ea68b87d62f199a6379ee28641dc55af620a643
105dfec55f0198ea8326813e28e6508e516068dffc86b16286a048e11b9fc875
10b3844767b6e0533732ef4d0a35e1917ab4ebe147ad1d5d050cc499130da32e
10fa65fcd22b75fb88ca1984bf969187a18a30d31a35f33d23e920019f88976f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c10c474ae58019d4fa3f3f656a3832dc7f5a76a23fa54e3db624f71397c967
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
18f9edb636cdd76e984b19cca7dec48b085f69cd274541172936dbafa6617c79
1a1b41d1a4299cb01fcbe4b52ea2548b7a84e09b48ec5de3313ff2f53f67fa15
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d3e8aa035ec1fe93a87d4a9144274d726425cee4f3c699953733959d27b70ef
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21925e61c628cbfcca948c44af08b72467172a01667a631dd0007834b5e54241
2285364c1527a32e96ddb22ac181ea5f2df445e6d583c1f40faa2886e0ea18d1
255a1f5cb4c7fd223e47b213c53235491c8aff972bb805b5fa3888b68d90217b
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
28dd6bf4db55dd6e97b1c99a5653917c591a3659d31efc84627428ee0d151fb5
30bf084580eafb803e434b2dd4cda19eb68070fa742017f483762cc070b4a864
33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
35ab6b849009dca5d51bfcf9c85b80b2de2e00b1ae79158cd2338964540c27f8
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36baab59eadf0a6a85a6d2fafd46afad2e41f78418a6b7b0beff423edc8454fc
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37c4de34d63a769957d7baa0840538ad77025bd63c2b78766519b89699f90c33
3bca3139bc826b63a52c2f28b1650324d5ec1d09b38e90570c74f94ae87de9a5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7d803f2497ad4acdf038d55905827dcd676cb2f100eb98180371048d63228a
3e67ce92482cbdfbdb9acdae82684b562ff30e11242b8dcc6d20b0d7bf3cf306
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4121e8b4569677503b4c4065a4441af103da3df76b21c0c56bf8d6fd002bf243
424696f0ab78c22764689a040af711a4af38eb834db3a5eef2ef5855b4cc924c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456c09892a08f48a597fa8afbeae21d5995a9d73f2ead0dcb9bf83dd415e0cef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a7d4e90449311d990c5d7ad6669211dd384f7d1884494702413e07efd494d8
4992a548b2d961eda56b7a94690bd49f28c0909fd56b6af88439160f006d035b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b12b30d12f8ae9c31940170e5c34aa19cc5b13bbe936bd0faeca60451da5af2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510c4808927486dbb35a2e0f9ad5b3439e55b0ce97bf8142a6b2795b9228a825
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58e5aebc942df4c15e649a1958379e4b8b2a12c35c064170edb1896e3fcba8bb
5b34131d0cb71bfa21f703330a25e70bbd67f0591b61ceaab3f57f26ce547153
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
5c399e642e5e066b2fdeacc5b919a3c6d9fa667abb34cc20cc4aec91593f4c20
5d54880119f0b820d2bcda604d93b516f4f9da8284d3215230b63ab6d1dd2528
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6820594319b3750f83c18f1eefa78ad6421d6795f95a596ea53151abeeba1407
695c709cc50ce4a30f0114e518941b6ff081ef7b9a87bfc49d8c9cbe125478d7
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98115040d6b2b895deac8a369a3c9fa8a4aa7ef5bc4be7e998f16721d16d65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0d44dcb5a595e54d0f351449fc8cb2418f665c493826ee641e51e2cf17ea3f
6cba27853a80cbc2d1de992ca97c328d7b12251818503ecd197cece45f7bc1ba
6cd20faa6b79076a112723c1b80050c940ed0a9cfecc3e7211f859da4cde13ef
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
6f8fb6ba4991dd07be9f1cf44ba2656655f8baa1dc39741cd698e406d8378396
71456dbfbeaae91e6b16e5e116a17873e3be7cab776a756df4789a46e1aae83f
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
75613ccb9158158babcdb6ba67a63ba0b8254dbe460492e95411aa11462d26e0
7773de834a0e52fac022fa6f4ea8de866e281c8ed8a49de41bd4c961d6c0b5d7
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7cb324446770132841bd9d5d4ea7739429e90f8a76309b8f151f68fb9954a365
7cf91b096068036c98f1b7792e0aaccb98820c3f73c3fbb14443ce84a2f80c8a
7d9e178f64b1fefcd3b22e04e951b374db2cdd9cabff6ffade1038c6f37fd25a
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
7fdf5ac73a635ea59763384cc107500ddbbd49c468b6ab7450a1f9741ea4679f
817228108b993bcefe00f04fb09477326204ba6af2e596ed59b4ac771a8cad18
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad9dff0acf2b68fd47990c0df60b42a7d99c0a230d6934313c2fbf8c3d8eca2
8d0b211d66fb806fa7eff17d03d6bc0ec896c8c19d1ab027adadd17b97e2c7e4
8fd72e959727d0b0057ecefc2ca04c40b39ac21e4f2c1628c4eafba831f4b407
90ac039b287b2cabdac124621645ffd2d2437c638881ed2c403f10cd40715fc5
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93049f73e7f7cdaa21e85dad2d9417e23e196b1bb15dd6d434c1ad6bd4e6cbbb
9494d0f1effb05a313aca309d797eb060a5a1c9fcf9ae7dc9abeafea20451732
9506584c0060db4aa48f821ebe5129c9b56e1e2dc05b84a4dbdbb8af9ca28506
964733d41b55e7f16c2e019e6045e54234a5daa4be7bd073ecdac8224ef90aa0
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e07846e20c292118f40e47f22d753246fed7577a03734430e63e394e32b2d73
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
a990c1548dfa09adfa38710df97525b6952b8146dd58b0f2793eb339fa29a901
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aad7a80ebe40ec04b92a50243556bb837d304deedfafd250cda05e40dd966377
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ad7fb620c3cfde544312d98aea1ce014a23a3e97b94b38d869d3909ec56e9f64
adf902a639dd0b9a6ba4eafa62e86554e3c215338481f1839fc019d720858716
ae49deaf11adf8cf798d12f2ab05f18e9b962262bd4d96130831d80310fecdf3
af2bc5fe991e99dc833c79f4a643f6d8d07f74e2ca88fd19c1a7a3cbc00f8b9f
afd2e660b31a86296f6fbbd5159d6d5651a03f206a5b887b618e83453c98e23b
afdfc2ff54ed3cfa7a34be2c2fb1fb9b434bf52a0e9bfec46f3aeca36aaf7e4b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
b34ca125b103667aef16c2cee63d626f7447b963dfd0bf2ef2e14ecd397a4e94
b53c5641931f7a79011eca8fbe7582ab69c6b3a85ea27beb442145bb8ffee06c
b6519a65cdf8997d35f9d12400675c7f2b66dba5317f2939a7e5d51cf9dc41fb
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b76a56ceef748a50323136974997e094f3afa6f316131593dd0772707a49a39d
b8d3f26bd33f85365bc9971e562b95eca5e66fdf72e50ddd3a8209c5e59a1dc4
b9b47834ed17c2f39e117d1e26eabf4a798d7e0d42ff65eb3b1a603c95d0e79d
bac6b85de0e8e69156c4a400ef1e15806c9098fd8c9174823d307abdfe1eb0ac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb457069db223ccdf70f704e69173908b1ac8f48a3fd37ce7f20ab81ca625cb2
bd268d75b1713c916d922c2b680c1abc348afeb111991f07817c635c3e48bda6
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bffdbf4ab69b451ba0e7cec630a0ae243e96a8e2b8279adf51190828a03586dc
c0eef3f02520787922a61b1cf8b5144068461152c524d4f1a34531df210d3987
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c47de8e691269e7231ee8e14edc3193ab82e69618bfdb17641edf251a7ab0f99
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
c73053445bfdbc1c2d26de543df0e97f6465e888413aa2649d506edfbfb6a7bf
c8ea2216a60915c1a37a159a59223d0239efb8a09ea222483a2148a14f8cf1cd
ca64d780d71b208ac1100062020b51704c3e15925b15d2439c4daf13e589b8b8
cbf3c064cae2cf267d7cc01cd279cf1adadc1387c3e542b387ac60a8a07bee7a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfda16366d4e14235a8d71335e5717cf303f82380499646d9e5a3057a56e7a1e
d105a42bdc4d4365aeee2ff0486a77329b5922039d4ffd4b9c893a0f0848ae2c
d750371360f5fa8229bb73485b037be6e9932af014cfe2bcd21893d8b5aa176e
d7a22b50e92f9673c79981c053949983b406f3d29248617af8175fa02c27f6b0
d7a8e13b65622c665aff7562e5e47af2ade5b08398a3fecfeedc4a84544d40ed
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
dde6d8d1faa1d4ed891757e2eb8aadba0c9033b8dc1cb76504800fe8fd68ebf6
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e16475c61cc9a928cb3263207942beefd55f46374bd1535daefa19e04b523071
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4633d2d65a9738c99428fc92451fe7af51f23df6d382b18508d3b3cbd403e56
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8e1fbf912c7b086e2fe8e3dd88eb1b7193f79b032a66d15825826b435dd80e7
e9beb8ed84797cade60b4466f6b1f0de9e9960009ac2bd69738b754b4611dd7b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed23bbc0a746c300db678d655979ba127e089dc6162b8083a6f8c594ba61ec14
ed901d75311cc889034ef4ae95dd40c1cc35b5f11bfb8ca654ab70fb56f786ca
eeda47a7454e9e8fe55f17393756a654ba7f211b5266adf06cf3a0f5c577b2be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f54bd5d6e47d9a75c45b720553258f392a26162a23c8b7dcf0e5db94ce81f68a
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8ffa69bd7aa899e6ecf70df46b31414e23af1442bf1a9d04fc074f88b04f3a1
f96aeaba5355b65e8adb4bbbd2e04ae9c759dac2df06ca88d25af29addf35c5d
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
faa2b98f3aa31cdd0ad7a6b838975c84d95ba3b414228a7ce7348c64d6f18e0c
fbae8e5eb621267aaae37902746797edd6a1133e2cb534ff44aeb54effb94ce3
fedd1601db33a9a7c15141d20a9328b0f6d35592cc1119d72ec9ee6afe8605a5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e