urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Submission: On August 21 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 11 countries across 111 domains to perform 496 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
46 142.251.12.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 72.247.81.112 20940 (AKAMAI-ASN1)
3 64.120.88.131 133752 (LEASEWEB-...)
19 172.67.72.16 13335 (CLOUDFLAR...)
49 172.217.194.157 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
13 74.125.200.156 15169 (GOOGLE)
9 74.125.68.156 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
3 216.239.34.178 15169 (GOOGLE)
4 74.125.24.155 15169 (GOOGLE)
21 65 74.125.68.155 15169 (GOOGLE)
1 13.33.33.38 16509 (AMAZON-02)
2 182.161.73.136 55569 (CRITEO-AS...)
1 104.16.89.20 13335 (CLOUDFLAR...)
1 104.83.197.63 16625 (AKAMAI-AS)
15 52.212.135.106 16509 (AMAZON-02)
2 3 145.40.88.5 54825 (PACKET)
1 13.251.219.40 16509 (AMAZON-02)
3 54.238.123.46 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
6 22 104.18.19.126 13335 (CLOUDFLAR...)
6 10 104.254.151.69 29990 (ASN-APPNEX)
1 34.107.148.139 15169 (GOOGLE)
7 29 139.99.49.250 16276 (OVH)
1 182.161.73.145 55569 (CRITEO-AS...)
2 13 35.244.159.8 15169 (GOOGLE)
1 148.251.44.111 24940 (HETZNER-AS)
1 4 103.229.10.180 16509 (AMAZON-02)
1 13.227.254.108 16509 (AMAZON-02)
2 23.108.101.160 59253 (LEASEWEB-...)
1 151.101.66.132 54113 (FASTLY)
5 142.251.12.154 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 23.72.45.76 16625 (AKAMAI-AS)
1 199.232.46.132 54113 (FASTLY)
8 142.251.10.147 15169 (GOOGLE)
1 10 184.87.200.25 16625 (AKAMAI-AS)
1 42.99.128.161 4637 (ASN-TELST...)
3 104.83.196.24 16625 (AKAMAI-AS)
1 182.161.73.141 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
1 2 23.53.160.138 16625 (AKAMAI-AS)
3 3 13.107.42.14 8068 (MICROSOFT...)
2 2 104.45.178.220 8075 (MICROSOFT...)
2 2 18.177.11.95 16509 (AMAZON-02)
22 142.251.12.149 15169 (GOOGLE)
2 2 3.82.84.88 14618 (AMAZON-AES)
2 2 18.176.241.222 16509 (AMAZON-02)
1 1 13.228.139.136 16509 (AMAZON-02)
9 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.25.14 13335 (CLOUDFLAR...)
7 7 103.229.205.243 30419 (MEDIAMATH...)
1 2 172.64.152.245 13335 (CLOUDFLAR...)
4 4 124.146.215.42 2514 (INFOSPHER...)
1 124.146.215.3 2514 (INFOSPHER...)
1 1 31.220.27.134 39572 (ADVANCEDH...)
13 14 35.71.131.137 16509 (AMAZON-02)
4 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
1 1 13.115.228.100 16509 (AMAZON-02)
1 1 202.232.238.37 2497 (IIJ Inter...)
4 7 52.77.147.141 16509 (AMAZON-02)
4 4 174.137.133.49 27257 (WEBAIR-IN...)
2 3 202.131.200.84 17941 (BIT-ISLE ...)
1 74.125.200.95 15169 (GOOGLE)
4 142.251.10.155 15169 (GOOGLE)
2 103.229.206.241 30419 (MEDIAMATH...)
3 142.251.12.94 15169 (GOOGLE)
2 8 23.9.185.218 16625 (AKAMAI-AS)
1 184.87.200.196 16625 (AKAMAI-AS)
1 108.138.36.84 16509 (AMAZON-02)
1 184.87.201.3 16625 (AKAMAI-AS)
3 9 35.71.178.8 16509 (AMAZON-02)
13 15 35.213.12.39 15169 (GOOGLE)
3 3 35.213.93.179 15169 (GOOGLE)
3 3 50.116.239.135 6336 (TURN-US-ASN)
1 1 13.33.88.34 16509 (AMAZON-02)
2 2 13.33.88.20 16509 (AMAZON-02)
1 2 69.173.144.165 26667 (RUBICONPR...)
7 13 69.173.158.64 26667 (RUBICONPR...)
1 4 23.106.127.39 59253 (LEASEWEB-...)
4 7 35.190.60.146 15169 (GOOGLE)
2 6 52.46.128.147 16509 (AMAZON-02)
13 18 67.199.150.82 3257 (GTT-BACKB...)
7 8 52.74.13.196 16509 (AMAZON-02)
1 2 104.18.100.194 13335 (CLOUDFLAR...)
1 204.79.197.200 8068 (MICROSOFT...)
4 4 50.31.142.255 22075 (AS-OUTBRAIN)
2 2 104.69.148.168 16625 (AKAMAI-AS)
2 3 52.94.220.185 16509 (AMAZON-02)
1 106.10.236.40 56173 (YAHOO-SG3...)
3 23.72.44.196 16625 (AKAMAI-AS)
2 52.193.120.195 16509 (AMAZON-02)
1 2 23.106.127.38 59253 (LEASEWEB-...)
1 3 54.174.20.147 14618 (AMAZON-AES)
2 2 209.191.163.209 29791 (VOXEL-DOT...)
2 2 209.191.163.210 29791 (VOXEL-DOT...)
11 11 74.118.186.45 26120 (RHYTHMONE)
1 21 13.112.54.241 16509 (AMAZON-02)
1 1 198.8.71.129 54312 (ROCKETFUEL)
2 2 72.34.250.75 27630 (AS-XFERNET)
2 2 34.198.200.28 14618 (AMAZON-AES)
2 4 52.88.128.19 16509 (AMAZON-02)
2 2 104.19.172.108 13335 (CLOUDFLAR...)
1 104.18.12.76 13335 (CLOUDFLAR...)
4 4 104.254.151.68 29990 (ASN-APPNEX)
7 7 151.101.66.49 54113 (FASTLY)
2 2 13.115.89.75 16509 (AMAZON-02)
1 1 52.205.37.96 14618 (AMAZON-AES)
1 104.18.18.126 13335 (CLOUDFLAR...)
5 6 67.199.150.86 3257 (GTT-BACKB...)
3 3 35.227.202.26 15169 (GOOGLE)
3 4 107.178.244.193 15169 (GOOGLE)
1 1 54.249.253.250 16509 (AMAZON-02)
2 103.231.98.196 62713 (AS-PUBMATIC)
1 1 13.227.254.51 16509 (AMAZON-02)
2 2 13.231.81.146 16509 (AMAZON-02)
3 4 66.225.223.95 3949 (NTTA-3946)
3 3 3.1.169.35 16509 (AMAZON-02)
1 1 52.0.153.146 14618 (AMAZON-AES)
1 141.148.45.191 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 44.195.112.134 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 3 185.84.60.20 198622 (ADFORM)
9 13 103.231.98.194 62713 (AS-PUBMATIC)
6 67.199.150.85 3257 (GTT-BACKB...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
1 1 34.124.209.251 396982 (GOOGLE-CL...)
1 182.161.73.146 55569 (CRITEO-AS...)
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 18.138.158.87 16509 (AMAZON-02)
1 13.114.41.24 16509 (AMAZON-02)
2 2 13.250.207.233 16509 (AMAZON-02)
1 2 119.9.108.191 45187 (RACKSPACE...)
1 2 18.140.96.174 16509 (AMAZON-02)
2 2 34.102.253.54 15169 (GOOGLE)
2 2 89.207.22.76 41041 (VCLK-EU-SE)
496 103
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
46    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com
14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com
tpc.googlesyndication.com
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    72.247.81.112 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-112.deploy.static.akamaitechnologies.com
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
19    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
49    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
pagead2.googlesyndication.com
ade.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
13    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
9    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
adservice.google.com
adservice.google.com.au
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-14199441001193768644.ampproject.net
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
3    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
adservice.google.com.au
65    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
1    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
adx.holmesmind.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
15    52.212.135.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    13.251.219.40 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-219-40.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    54.238.123.46 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
22    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
10    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
29    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    148.251.44.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sundoro
rtb.adxpremium.services
4    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    13.227.254.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-108.sin52.r.cloudfront.net
rules.quantcount.com
2    23.108.101.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
widgets.zemanta.com
5    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
www.googletagservices.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    23.72.45.76 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-76.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    199.232.46.132 (Singapore, Singapore)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
8    142.251.10.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f147.1e100.net
www.google.com
10    184.87.200.25 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-200-25.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    42.99.128.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-161.pacnet.net
qsearch-a.akamaihd.net
3    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    182.161.73.141 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.sg1.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
2    23.53.160.138 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com
sync.teads.tv
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
22    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
2    3.82.84.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-84-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    18.176.241.222 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-241-222.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    13.228.139.136 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-139-136.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
9    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    124.146.215.3 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    13.115.228.100 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-228-100.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
7    52.77.147.141 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-147-141.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net
fonts.googleapis.com
4    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
googleads4.g.doubleclick.net
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
3    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
8    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    184.87.200.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-200-196.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    108.138.36.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-84.muc50.r.cloudfront.net
public.servenobid.com
1    184.87.201.3 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-201-3.deploy.static.akamaitechnologies.com
js-sec.indexww.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
15    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    13.33.88.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-34.sin2.r.cloudfront.net
cr-p3.ladsp.jp
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-pall.ladsp.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
6    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
18    67.199.150.82 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
8    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    104.18.100.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
4    50.31.142.255 (Lincolnwood, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    104.69.148.168 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-148-168.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    106.10.236.40 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: o2.ycpi.vip.sg3.yahoo.com
ads.yahoo.com
3    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    52.193.120.195 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-120-195.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
3    54.174.20.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-20-147.compute-1.amazonaws.com
x.yieldlift.com
2    209.191.163.209 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    209.191.163.210 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
11    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
21    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
1    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    34.198.200.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-200-28.compute-1.amazonaws.com
ssp.disqus.com
4    52.88.128.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-128-19.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    104.19.172.108 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    104.18.12.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
4    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
7    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    13.115.89.75 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-89-75.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    52.205.37.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-37-96.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
6    67.199.150.86 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
4    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
1    54.249.253.250 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-253-250.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.227.254.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-51.sin52.r.cloudfront.net
s.ad.smaato.net
2    13.231.81.146 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-81-146.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
4    66.225.223.95 (United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
sync.outbrain.com
3    3.1.169.35 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-169-35.ap-southeast-1.compute.amazonaws.com
ice.360yield.com
ad.360yield.com
1    52.0.153.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-153-146.compute-1.amazonaws.com
sync.ipredictive.com
1    141.148.45.191 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    44.195.112.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-112-134.compute-1.amazonaws.com
cs.emxdgt.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
13    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    67.199.150.85 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    34.124.209.251 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    18.138.158.87 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-158-87.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    13.114.41.24 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-41-24.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    119.9.108.191 (Central, Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    18.140.96.174 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-96-174.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    89.207.22.76 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-login-ds.dotomi.com
pubmatic-match.dotomi.com
Apex Domain
Subdomains		 Transfer
85 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com
14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 285
831 KB
80 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
602 KB
48 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 603
ads.pubmatic.com — Cisco Umbrella Rank: 492
image2.pubmatic.com — Cisco Umbrella Rank: 877
image6.pubmatic.com — Cisco Umbrella Rank: 634
simage2.pubmatic.com — Cisco Umbrella Rank: 672
image4.pubmatic.com — Cisco Umbrella Rank: 881
simage4.pubmatic.com — Cisco Umbrella Rank: 1252
42 KB
29 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
14 KB
28 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2237
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
token.rubiconproject.com — Cisco Umbrella Rank: 711
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 959
43 KB
23 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1417
usersync.gumgum.com — Cisco Umbrella Rank: 1974
rtb.gumgum.com — Cisco Umbrella Rank: 1284
7 KB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
dsum.casalemedia.com — Cisco Umbrella Rank: 1387
21 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
425 KB
20 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
227 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
ads.yahoo.com — Cisco Umbrella Rank: 2295
9 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com — Cisco Umbrella Rank: 3759
10 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
6 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
pix.as.criteo.net — Cisco Umbrella Rank: 14815
csm.as.criteo.net — Cisco Umbrella Rank: 15360
309 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
secure.adnxs.com — Cisco Umbrella Rank: 463
30 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
5 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
8 KB
14 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hblg.media.net — Cisco Umbrella Rank: 1470
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
cs.media.net — Cisco Umbrella Rank: 1357
163 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
us-u.openx.net — Cisco Umbrella Rank: 399
u.openx.net — Cisco Umbrella Rank: 705
jp-u.openx.net — Cisco Umbrella Rank: 9434
3 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
17 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
217 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260
6 KB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
tags.mathtag.com — Cisco Umbrella Rank: 3512
5 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
5 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 590
2 KB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 592
idsync.rlcdn.com — Cisco Umbrella Rank: 310
990 B
7 zemanta.com
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 50077
widgets.zemanta.com — Cisco Umbrella Rank: 7082
b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 38314
b1sync.zemanta.com — Cisco Umbrella Rank: 572
7 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
bidder.criteo.com — Cisco Umbrella Rank: 759
rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 30153
ads.as.criteo.com — Cisco Umbrella Rank: 15131
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15082
dis.criteo.com — Cisco Umbrella Rank: 712
44 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
e3.adpushup.com Failed
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
229 KB
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1937
ssbsync.smartadserver.com — Cisco Umbrella Rank: 939
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 600
2 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
gdn.socdm.com — Cisco Umbrella Rank: 152147
5 KB
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1238
sync.outbrain.com — Cisco Umbrella Rank: 744
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
216 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 464
757 B
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
3 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 936
ap.lijit.com — Cisco Umbrella Rank: 654
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
cms.quantserve.com — Cisco Umbrella Rank: 1072
11 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 612
1 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1893
ad.360yield.com — Cisco Umbrella Rank: 671
891 B
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
802 B
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
1 KB
3 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3650
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
1 KB
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2550
1 KB
3 gstatic.com
fonts.gstatic.com
62 KB
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2792
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
2 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
1 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
sync.teads.tv — Cisco Umbrella Rank: 1030
768 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
430 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3549
744 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4114
681 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 728
855 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1070
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1500
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 794
715 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 668
700 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5040
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 504
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 942
691 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2420
549 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 992
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 509
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 457
551 B
2 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3699
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com — Cisco Umbrella Rank: 1405
2 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5540
1 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6522
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
1 KB
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 17820
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
1005 B
2 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 133282
1 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3963
1009 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
775 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 18293
220 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24110
653 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
656 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4025
391 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 952
67 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 522
664 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 913
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1099
292 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1010
465 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 740
547 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 461
513 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1369
379 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
731 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
667 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525
222 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 59409
716 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 172426
357 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3867
327 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
5 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 544
396 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2536
13 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
635 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
1 KB
1 ampproject.net
d-14199441001193768644.ampproject.net
0 eyeota.net Failed
ps.eyeota.net — Cisco Umbrella Rank: 949 Failed
0 audience73.com Failed
ad.audience73.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
496 111
Domain Requested by
55 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
45 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
30 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
29 onetag-sys.com 7 redirects cdn.adpushup.com
googleads.g.doubleclick.net
www.bg3.co
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
22 s0.2mdn.net 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
www.bg3.co
s0.2mdn.net
21 usersync.gumgum.com 1 redirects public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
19 static.bg3.co www.bg3.co
18 image8.pubmatic.com 13 redirects onetag-sys.com
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
15 x.bidswitch.net 13 redirects onetag-sys.com
eb2.3lift.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
14 match.adsrvr.org 13 redirects cdn.adpushup.com
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 simage2.pubmatic.com 9 redirects ads.pubmatic.com
g2.gumgum.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 ib.adnxs.com 6 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
9 static.criteo.net cdn.adpushup.com
ads.as.criteo.com
static.criteo.net
8 sync.1rx.io 8 redirects
8 ups.analytics.yahoo.com 7 redirects onetag-sys.com
8 pixel.rubiconproject.com 3 redirects onetag-sys.com
www.bg3.co
8 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
7 sync-tm.everesttech.net 7 redirects
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
7 sync.mathtag.com 7 redirects
7 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 image2.pubmatic.com 5 redirects ads.pubmatic.com
6 s.amazon-adsystem.com 2 redirects onetag-sys.com
eb2.3lift.com
ssum-sec.casalemedia.com
6 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
6 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
6 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 token.rubiconproject.com 4 redirects www.bg3.co
5 id.rlcdn.com 3 redirects onetag-sys.com
ssbsync.smartadserver.com
5 www.googletagservices.com googleads.g.doubleclick.net
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ade.googlesyndication.com www.bg3.co
4 image4.pubmatic.com ads.pubmatic.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 pixel.tapad.com 3 redirects g2.gumgum.com
4 secure.adnxs.com 4 redirects
4 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
4 b1sync.zemanta.com 4 redirects
4 googleads4.g.doubleclick.net www.bg3.co
4 pix.as.criteo.net ads.as.criteo.com
4 tg.socdm.com 4 redirects
4 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 odr.mookie1.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 ad.turn.com 3 redirects
3 a.sportradarserving.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 sync-dsp.ad-m.asia 2 redirects ads.pubmatic.com
3 cs.media.net 1 redirects contextual.media.net
3 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
3 px.ads.linkedin.com 3 redirects
3 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
3 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 prebid.a-mo.net 2 redirects cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pubmatic-match.dotomi.com 2 redirects
2 ads.playground.xyz 2 redirects
2 sync.crwdcntrl.net 1 redirects g2.gumgum.com
2 uipglob.semasio.net 1 redirects g2.gumgum.com
2 cm.adgrx.com 2 redirects
2 pm.w55c.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 pool.admedo.com 2 redirects
2 rtb-csync.smartadserver.com ssbsync.smartadserver.com
2 image6.pubmatic.com ads.pubmatic.com
2 match.prod.bidr.io 2 redirects
2 csync.loopme.me 2 redirects
2 ssp.disqus.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 stags.bluekai.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-pall.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tags.mathtag.com 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
www.bg3.co
2 rtb2-useast.e-volution.ai 2 redirects
2 dsp.adkernel.com 2 redirects
2 csm.as.criteo.net ads.as.criteo.com
2 ds.uncn.jp 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cs.r-ad.ne.jp 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 gum.criteo.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 rtb.gumgum.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 ice.360yield.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 aa.agkn.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 ads.yahoo.com www.bg3.co
1 c.bing.com eb2.3lift.com
1 cr-p3.ladsp.jp 1 redirects
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 fonts.googleapis.com cdnjs.cloudflare.com
1 sync.fout.jp 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 cms.quantserve.com 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
1 s.uuidksinc.net 1 redirects
1 gdn.socdm.com 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
1 s.tribalfusion.com 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 match.sharethrough.com 1 redirects
1 ads.as.criteo.com 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
1 rtb.sg1.as.criteo.com www.bg3.co
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 zem.outbrainimg.com googleads.g.doubleclick.net
1 widgets.outbrain.com googleads.g.doubleclick.net
1 b1t-sindc1.zemanta.com googleads.g.doubleclick.net
1 widgets.zemanta.com googleads.g.doubleclick.net
1 b1-sindc1.zemanta.com googleads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 d-14199441001193768644.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 ps.eyeota.net Failed ssbsync.smartadserver.com
0 ad.audience73.com Failed 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
0 e3.adpushup.com Failed www.bg3.co
496 180

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.outbrainimg.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-26 -
2022-09-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh

This page contains 75 frames:

Primary Page: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Frame ID: 75E4592B861F6935EBF3345A54D325DB
Requests: 98 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 79E94C683FD59BFB145897A07E12CD8F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 09A552A871150A1171F2B6398EB0FBD9
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1AC9B39C73893F7726408A90A3053FCD
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8DE0A96E735B22B4C710CEDF8C32C72C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Frame ID: A9452DA9FF1BBED061BCA1134BB6E93F
Requests: 11 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 869F59CC5F457B10D0CE59DEBFAE6409
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-27549019203291375241&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3114&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=9008221&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&ga_hid=8221&dt=1661073723605&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&bdt=2124&dtd=350&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: A684819398276084AF7B1E38BC809A1B
Requests: 1 HTTP requests in this frame

Frame: https://8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AE4A63BF9669942E3BD7BF2595314ECB
Requests: 1 HTTP requests in this frame

Frame: https://14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 074CD00CE01B480A45E045F30857C759
Requests: 1 HTTP requests in this frame

Frame: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7E0898FB9D46225A8E5DC0F4DEB5E200
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19D6CA33AE7BC6B8EA2AEF260888C364
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E500F255839461A88BCC29FA2608E6D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78BA6ECF133E73A16A22AEC4CED2C89D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B07418F9AC6CDB919EE9147C2B7A912
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Frame ID: 278E496E442DAAB0B0DC76BBAB2BDDDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CY6kqPvkBY5veHoWSssUP8NyX2Aes1_3wZLT2qJPiC8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoErgFP0CcjfdeEXGAiZSoPjzADARyTBCJ3C3Bi2aZ-3OlqCBjZVuaBS889chsi3NVZPhxUaLELepnp_NOuFplu5_9nX9Lkk5-o3b-QkTUuHGAYmXbZo5vOHyGOf2tBLnpUvCbY8fgUpBvilQaiyaQ9n-ywcdZKfuYZTmbgUyT0z5Kfubf63ljzyAzqFBBvzwIc7JF5r1ps0FcWofX6pLzbwNRx28ga3VMKE2Fuf84egQGABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=pokM3SQiefo&uach_m=[UACH]&cid=CAQSKQCsnQUx3SP9rBLi__KoyqPx2wAiwQ4afgWbfJRlikwgHrJpuaarlDe7GAE
Frame ID: 317624C52AF9EA18BB12EAC4934CAB64
Requests: 16 HTTP requests in this frame

Frame: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B610F7CCE60B0F7E39D2445B72B47F8E
Requests: 18 HTTP requests in this frame

Frame: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D21BB105BB4FA7510AEEB1E9EA571470
Requests: 18 HTTP requests in this frame

Frame: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D23EAECE15B8D968E98A4C8455D7E72E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNUHmGprNC-1aILpuIAfCW3evN6OWouda181_aFOo2hNa4kKXSrSuCD0Ir9ll2t4rYg5GT5WxF_mvVXBI20FXR2DZuIruQ
Frame ID: AD00B7A5D1E96C940FDE9DE96107B9C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXWX-4JSbRko0bVicJxTU1_CzepeJQVUUUXyNZWQm-QIwFMugj48b2x1P3cToE7N4cxqsMl3xcIfwxQsg9X31hDJl0ohg
Frame ID: AC620759271FF8BB6C13D49B7A91B31B
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 338CB11C49870582C82ECA31A8DC0580
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 850CE3303DB4AB53AB516AD88B358308
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: C7FD7594A9ACD71B4D0714A528BFC38F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1FBF8A952BA27807379089AA83133809
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9D33AE93F3FB2F6765F19D00B54A294
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC62EFE8D3D934F9B39D19A214789CC0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 844F9A5731540054F1687C1703A23586
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 64EFB30732EF13686CF54B46AFB5432D
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8FCCD8B8E24A72DC2BB8F024F6717109
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Frame ID: 26B202FC03F3940929607EDCE5CDDDD3
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
Frame ID: A40D2461F7D1D0330755D3FF123455F6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5BFAEE7525787DA262A0F941715D5A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E67AA2FEB1577C5B11BA3C3723FB785
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A5ACF7493B8BF3EABF324F22AE32C472
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7922257FC0ABB9C1630BA1BE7CEAB90C
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E9DCB06BC9F20708159D98D5FDED696
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 93DE163DA0E17641A8674E29577D47E1
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3E6170D291D5CBC46934DFD2B3F5C667
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661073725391
Frame ID: 16A9D8ED95A086298FA212CE31B5CC4E
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 6E5BB3F9F1FB794E1AEE011AF34FB23A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA36CCF1152828CF758B9A22DBB53125
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE8F268316521FF9FF7D422D46ACB3CF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2015BF50237BE604B4F78529EF918051
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE38088A18287FD242CBD47063AB725F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 901A2AE0ED36D412C523248744F05B51
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: F93B3E2C188ABA2885D91F74E7DA0E53
Requests: 14 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: EFFAD835B4FFBD989047C3E02CA2773E
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7EB89A073225A79CA121969A16874EEA
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: A5C8907651AE716AFCBB3DB96EC254FC
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 7E230D7C98103B4E6BB488D899A980D3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 1C2B72D9425637067C16C45534103D1E
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
Frame ID: ADC378A2E0C2729C93E9E1C7DF8231B7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC
Frame ID: B9DAC5A615A2410D7F6B75D60CB9A237
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9mMWY5MGU1MS0yNjUwLTRjZmQtOTE5Zi1jMTliYjllYWNhNGU=&gdpr=0&gdpr_consent=
Frame ID: 8D7EB0C8C431AC7D71F595E6E705ACBD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8770FA97588EEBF29F546AD06CEB39C0
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
Frame ID: 3C184F4995D853A20A4AB6236653F5C9
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 03763D461C458057C26B996DCD8D35A1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YwH5QMCo8YUAAOViAlAAAAAA
Frame ID: B324555D42038A70270FAAEA2DB424F6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YwH5P6jl3HQWy3adPjXdYgAA%26887
Frame ID: 48CC888386B0132397E20E3CF1C35561
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=dRofJNyj00kklMRai5ve&pi=gumgum&tc=1
Frame ID: 5144DA190AB417805AC4869C7CA602F0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DDAEB04DAFACBFF7D9B67C8D98D6CFD6
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Frame ID: 7FA6FD3E00662BA911302D83AC787F3C
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Frame ID: 3A6DD67ABC18AFBC91629E1989691D60
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Frame ID: 483EAA39E1256AF1E838A5F4750CF317
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Frame ID: E7FE3E644A1063E3CC669DF7E91B00F3
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: BD11F20596236D7078EAAC7C97378382
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: ED67812016FFB77AF180EFA9A58239C8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 9047C53B763ECEF8D8275194EBDDE259
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:i5DgjOCl1OpH9R5&gdpr=0&gdpr_consent=
Frame ID: B4C56E84B2A93F3BA2FDDED3C5B4F278
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Frame ID: 23975FA0600F40953301C905456B8DDE
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Frame ID: E85E148F0CEA601AE02A608DF2A40360
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: B19495DAD9A7816C6160AA43AAA93C1B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Frame ID: 65835F3A54FD28AD381E8D51B491AC52
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

特斯拉創辦人馬斯克再掀話題 發文稱已刪除推特帳號 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

496
Requests

71 %
HTTPS

0 %
IPv6

111
Domains

180
Subdomains

103
IPs

11
Countries

3740 kB
Transfer

9681 kB
Size

202
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 74
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723818&bpp=12&bdt=1467&idt=627&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=1&ga_vid=650209991.1661073724&ga_sid=1661073724&ga_hid=1780781200&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=962562902&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31068991&oid=2&pvsid=2089749623384575&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lj9la3khqp1p&fsb=1&dtd=644 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1&C=1
Request Chain 184
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwH5PzKTTT3-zI6sppD-cAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECsgNRZ7jSfovcQQqTC1HKc&google_cver=1
Request Chain 186
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY4NTk4NjE3MjU4MTc1MjMwNA%3D%3D
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
Request Chain 188
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3Y2Q3NGMtMDU1MC0yMjNiLWM1YmItNTdhNWYxNDNlMmMx
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJxxG8Gm8-wzNzOZHaKj618&google_cver=1
Request Chain 190
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTU0NzhiNjktYzU1Yy00MmNkLTgzYTEtZDMzOWUxZjIzNzZl
Request Chain 191
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEARQya_16WVDZYtCQS5PSVM&google_cver=1&google_push=AehlK4BYgCAYqRe2c-yeqfMD3NfVi5xr-HR-CDVdSaa3Fk_NZslMyeQ_9PTZAL9HC7zwLvZXim_Ky5oVBcvCr0qtFngBUXvyDFnvEIl3SWm9GAdWUb6xAzhCBkmdXucjt4ChX0_BqEzi9if3SzdH0k9wCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4BYgCAYqRe2c-yeqfMD3NfVi5xr-HR-CDVdSaa3Fk_NZslMyeQ_9PTZAL9HC7zwLvZXim_Ky5oVBcvCr0qtFngBUXvyDFnvEIl3SWm9GAdWUb6xAzhCBkmdXucjt4ChX0_BqEzi9if3SzdH0k9wCw
Request Chain 192
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4Btq7njdA1Wct3t1gpW3aouYuNOxlnoc9qPQCAvsB3V6nTCV53cpyUMmiwTzuS8wtYEKlXLxsiipZryZBj3ihPgYiMdG-N4KOYBqSDMYha-xYACfCbKTaKNdMDutcH4cswFTNMkAcDafA9APnHdpS0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTU5MWE1MjctZWE4MS00Mzg4LThiMzgtMmRlYzBlM2Y2ZDZh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4Btq7njdA1Wct3t1gpW3aouYuNOxlnoc9qPQCAvsB3V6nTCV53cpyUMmiwTzuS8wtYEKlXLxsiipZryZBj3ihPgYiMdG-N4KOYBqSDMYha-xYACfCbKTaKNdMDutcH4cswFTNMkAcDafA9APnHdpS0
Request Chain 193
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDal4BfW8te-ZMYKrnUWYPo&google_cver=1&google_push=AehlK4BG7lvlLuNguYjmEeX6dT-Zb4Je9KyrpuCgzGVb6ylSfxUfDUFXYg9W7BMVloXhSQtydAZVnztGn7L9SyhIKvvZaz2bpQ3NjM9exO6_HD7V8W-t8qgNX7UH2GhCoAKNALSalrO_Be7RTXx_-qO4fA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BG7lvlLuNguYjmEeX6dT-Zb4Je9KyrpuCgzGVb6ylSfxUfDUFXYg9W7BMVloXhSQtydAZVnztGn7L9SyhIKvvZaz2bpQ3NjM9exO6_HD7V8W-t8qgNX7UH2GhCoAKNALSalrO_Be7RTXx_-qO4fA&google_hm=NTA1OU04MDBXQkRBWTAwODBHOHI
Request Chain 195
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAz3tAN06qUK1Ib_gDtnEJQ&google_cver=1&google_push=AehlK4AFp-iCpQzTOmUeNWdo7ImTPoeqDYCcWlK3DSXJyeHeFnjGfqZQBHERbco5ktpWepV7g8iSMBcZo9fEm4kjb3U1nUKgpz5cbMEM9_YY7ECwEXBfK32a2wuOBfK4wCi2hgPm3UHMIafPXvxfeRhWeFE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Y1raay6HRExpCvZ3mSNRG2fR_gU&google_push=AehlK4AFp-iCpQzTOmUeNWdo7ImTPoeqDYCcWlK3DSXJyeHeFnjGfqZQBHERbco5ktpWepV7g8iSMBcZo9fEm4kjb3U1nUKgpz5cbMEM9_YY7ECwEXBfK32a2wuOBfK4wCi2hgPm3UHMIafPXvxfeRhWeFE
Request Chain 196
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEMBEthfDFsiGpw_sJ5igdHQ&google_cver=1&google_push=AehlK4DvDcSU4soV90hg_8fpodIyRJjdNa-S10wgRxzfahGf-JldvrrXUvj0b78FdhjGyoHY4PrZ7onjkkKhLRx-__zMXWfaALffclb7Fqc6MyeQGt-RswG9S4De1P145RBtJng1K9rXDG-4H3UPUw3rxRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DvDcSU4soV90hg_8fpodIyRJjdNa-S10wgRxzfahGf-JldvrrXUvj0b78FdhjGyoHY4PrZ7onjkkKhLRx-__zMXWfaALffclb7Fqc6MyeQGt-RswG9S4De1P145RBtJng1K9rXDG-4H3UPUw3rxRQ&google_hm=AfC7zHv3gEZToSFvAfo8HW0
Request Chain 197
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHQin8Gdp9CF7ScVRcX64Q0&google_cver=1&google_push=AehlK4AcpzNns4mOwnJIZhZ6fDrwQ3w6uHqiiD8ZLHkU-xolQEEllD7Zugh46dIiDs2optXXTvYthvegdgC95O02CyhXmkvsMREYYkUoCbsSSu7fb5XKa7QwnKwdsx06Hm3F8iu_Joo27q1KFu5eJvhGvM0D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDNlNWYzNjctMDE2ZS00NWNmLTllODctY2IzZWE2NjBlNzU3&google_push=AehlK4AcpzNns4mOwnJIZhZ6fDrwQ3w6uHqiiD8ZLHkU-xolQEEllD7Zugh46dIiDs2optXXTvYthvegdgC95O02CyhXmkvsMREYYkUoCbsSSu7fb5XKa7QwnKwdsx06Hm3F8iu_Joo27q1KFu5eJvhGvM0D
Request Chain 223
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENHlO3NWGwMzBY5uH8CUWEU&google_cver=1&google_push=AehlK4Bo4jJk-ucA7G6r6ZiaddCMizfNxQYK6EE5lM9TifmqYlP8wFGimYP8o5rlqoNZH9m7QOYURiGiTxSfc09phPoFbDMYZ1XbaGZFdmV3ciqzlC_e395hR-rInoIC9kwrZNQSAu6_IxrCyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bo4jJk-ucA7G6r6ZiaddCMizfNxQYK6EE5lM9TifmqYlP8wFGimYP8o5rlqoNZH9m7QOYURiGiTxSfc09phPoFbDMYZ1XbaGZFdmV3ciqzlC_e395hR-rInoIC9kwrZNQSAu6_IxrCyw
Request Chain 224
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEACr7teCQr33uss478j7A7M&google_cver=1&google_push=AehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACr7teCQr33uss478j7A7M&google_cver=1&google_push=AehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 225
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1&google_push=AehlK4BLi29ajVnomWc5tur3gyEeeUFs_KwzYdpK5s8y0y8hygxNqcATvN5v1mUxYk83CfgnubbVXavLFP5-2uGJUN867G6pOY5ujGAYS0k_Ec5ZojQ7m3XwAWw9UuDiUEReTrYSoV2YRWYJpA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXdINVFNQ284WVVBQU9WaUFsQUFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1
Request Chain 227
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBS3aZLPNqSVlcR4g7E4rRw&c_param1=AehlK4DEFnTHlp56EAhZSLSeUaFRAz4dPFsHojT8jaLAQVBGAKFHpGICGGN2HOkCavQyRLLbxSa1wzvrOISOXj5LhD8RbH4mWDoysTl6uDtJLTcE3rKa9Cfu6EV1ABNjqod_Uv6XWkZc5Y5_&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4DEFnTHlp56EAhZSLSeUaFRAz4dPFsHojT8jaLAQVBGAKFHpGICGGN2HOkCavQyRLLbxSa1wzvrOISOXj5LhD8RbH4mWDoysTl6uDtJLTcE3rKa9Cfu6EV1ABNjqod_Uv6XWkZc5Y5_
Request Chain 228
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1&google_push=AehlK4DwgocZIlt7pLpwVripbJKAKw9KInJHdqRhfrlPIaHrlFu_wBwHy6NXWIAWKNK-Y4aDhIdaoiy3aXRNY4RQY9iKYyffqBAgxnRkyzJrijMKB650WWgVgQpNmPQJJKjq8NhorA4IDmX9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DwgocZIlt7pLpwVripbJKAKw9KInJHdqRhfrlPIaHrlFu_wBwHy6NXWIAWKNK-Y4aDhIdaoiy3aXRNY4RQY9iKYyffqBAgxnRkyzJrijMKB650WWgVgQpNmPQJJKjq8NhorA4IDmX9
Request Chain 229
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1&google_push=AehlK4DSFF-oO1XH0bCVAgU5vUaPCVgHqtj6JECAM1D-2_0xOrh-OEVub4BV8q1SdliXnThjxJrWm444_xx6C_3ZR3ThV63yn0_EaZVYYcJHbmEOs1VnGsVDXgt0NqJuWQsFN-CmC-eA3GBtlw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1j9WPg3QCRCdtNoLEK8RsLcYjWtCouw&google_push=AehlK4DSFF-oO1XH0bCVAgU5vUaPCVgHqtj6JECAM1D-2_0xOrh-OEVub4BV8q1SdliXnThjxJrWm444_xx6C_3ZR3ThV63yn0_EaZVYYcJHbmEOs1VnGsVDXgt0NqJuWQsFN-CmC-eA3GBtlw
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK1WgSDhf9lojynpKcTu7BQ&google_cver=1
Request Chain 233
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
Request Chain 236
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4CxdYsXt_i4FGxVtoJmxI_SrJpUVp5vKbWTRrnoSrb0Y2uWT0ZFzDJaKONgIp3bp-2-DFLLm3JXDcqPzo-9PSJrws10E92jTjN6iUUOCeRolkPNu-2h0GIQUQIOza-wYZmTKVOWgLOB94QE4aYTcw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2M2ZmQ5ZTUtYmJkMy00NjU2LTgwYjYtMGZmZWM0M2NiMWRh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4CxdYsXt_i4FGxVtoJmxI_SrJpUVp5vKbWTRrnoSrb0Y2uWT0ZFzDJaKONgIp3bp-2-DFLLm3JXDcqPzo-9PSJrws10E92jTjN6iUUOCeRolkPNu-2h0GIQUQIOza-wYZmTKVOWgLOB94QE4aYTcw
Request Chain 237
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDal4BfW8te-ZMYKrnUWYPo&google_cver=1&google_push=AehlK4CAHnB2LWPG9WhZBCfiEyntC7rv0AU1Wce5st5M2K8l4iFdIHJqPssJ6jrCT1urTrKNRJw1h0f047WguDK-7cBBE6R6OKBpBPWTvgYNp5_a0mrRKRY6ImVyOXEWUH0o6Tfj7-XxbptOGF6RFtlLgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CAHnB2LWPG9WhZBCfiEyntC7rv0AU1Wce5st5M2K8l4iFdIHJqPssJ6jrCT1urTrKNRJw1h0f047WguDK-7cBBE6R6OKBpBPWTvgYNp5_a0mrRKRY6ImVyOXEWUH0o6Tfj7-XxbptOGF6RFtlLgQ&google_hm=NTA1OU04MDBzQkRHYTAwN0JtVU4
Request Chain 238
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1&google_push=AehlK4DYpE7D9S0Dqk9yL1yzWh7QPlL2wPQimORjOirlKpjzwYW39Z5edc55rN44C0jMHxH-nucvz44VOvEZrB30v9ezzJpdYbnaFmphEd6dTSBD20wmyEVMTzy0vC-gcN475tB5O1Wwa0WqjXaEKuHoZXU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DYpE7D9S0Dqk9yL1yzWh7QPlL2wPQimORjOirlKpjzwYW39Z5edc55rN44C0jMHxH-nucvz44VOvEZrB30v9ezzJpdYbnaFmphEd6dTSBD20wmyEVMTzy0vC-gcN475tB5O1Wwa0WqjXaEKuHoZXU
Request Chain 239
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEMBEthfDFsiGpw_sJ5igdHQ&google_cver=1&google_push=AehlK4DorID-fFHFGa223QEFsaAFtfyhwIdXnRVHKK7snr8GApBxkHYJT_wda3lZSewGaKELbU2C5cBxznspwjZpUUeV02OZfj8pifhFuldcLmL_oZaGoVSOJBv_hECEDJw2xyXIQcc5mc35wBmRhoYRM0Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DorID-fFHFGa223QEFsaAFtfyhwIdXnRVHKK7snr8GApBxkHYJT_wda3lZSewGaKELbU2C5cBxznspwjZpUUeV02OZfj8pifhFuldcLmL_oZaGoVSOJBv_hECEDJw2xyXIQcc5mc35wBmRhoYRM0Q&google_hm=AcZQlW1s1UmKjdA62i43OB4
Request Chain 240
  • https://cs.media.net/cksync?type=g&google_gid=CAESEK1WgSDhf9lojynpKcTu7BQ&google_cver=1&google_push=AehlK4CGJYjNek65bvktFZyFZacH_TQi0CJDV3tOPpMJR_-dl92NoqnWzqINUhrKyKvzzVkO6gXU3B50AoWeu2vgTgbKxVxXWSnp1WV8E4mQkVmofgZUC537irpmGTfaxgYTRQdi55BUbdYaLVBQuuZEEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&mn_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CGJYjNek65bvktFZyFZacH_TQi0CJDV3tOPpMJR_-dl92NoqnWzqINUhrKyKvzzVkO6gXU3B50AoWeu2vgTgbKxVxXWSnp1WV8E4mQkVmofgZUC537irpmGTfaxgYTRQdi55BUbdYaLVBQuuZEEw&gdpr=&gdpr_consent=
Request Chain 251
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEPUbN_RykOwwp1GiH6h8Qsk&google_cver=1&google_push=AehlK4DG4VSPgwpUegbeGXD56Uas1X60wSJWxfiKLmrCfA8JTlyUWbAAzl7w6GieMXj3FYeyNfPA1TtSiYerhHlQwl3G38K4H_U8UpWKDQYMR3Up9R4Yf1ZHVUnZ2ZRUtLPS0SdajjRrkkz91Q63YfM8aA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4DG4VSPgwpUegbeGXD56Uas1X60wSJWxfiKLmrCfA8JTlyUWbAAzl7w6GieMXj3FYeyNfPA1TtSiYerhHlQwl3G38K4H_U8UpWKDQYMR3Up9R4Yf1ZHVUnZ2ZRUtLPS0SdajjRrkkz91Q63YfM8aA
Request Chain 252
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEAG0y5qwPTnV8T2GIpBbZM4&google_cver=1&google_push=AehlK4B3R1_zEN-yejLY80fue68FOjhlKMTSUBfF751YwBXjLfjzEf3fld3BX4aavNiwhtDagJcw-kk7SmmuNbTEht9JkvNMRyvuNIiTFOmNpiAa0IJZOHmNDmvzDpUn2pTxQz4ebl93mBYGpF4zZ7s0zew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4B3R1_zEN-yejLY80fue68FOjhlKMTSUBfF751YwBXjLfjzEf3fld3BX4aavNiwhtDagJcw-kk7SmmuNbTEht9JkvNMRyvuNIiTFOmNpiAa0IJZOHmNDmvzDpUn2pTxQz4ebl93mBYGpF4zZ7s0zew&google_hm=SWhxQWRPSG5idGdNQlFzZ2tsalRIZVZNclQ0&from_google=sp1
Request Chain 253
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIN33tDtydpIxJifAXnJC54&google_cver=1&google_push=AehlK4BnvHmHCIWyPQ7J4WRwWgHPkWaeCJ-GadpSc0ftlLdzRC9GpZ36Kx5Bfao16nokz8Q3V5kgJ1XPYrdytd8US2cLGYAp1ciFnhXJ1pc54V3JPwihkSjvS0XutqxMn4E0zlbRNGr0BKAbwmzs_-uUMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BnvHmHCIWyPQ7J4WRwWgHPkWaeCJ-GadpSc0ftlLdzRC9GpZ36Kx5Bfao16nokz8Q3V5kgJ1XPYrdytd8US2cLGYAp1ciFnhXJ1pc54V3JPwihkSjvS0XutqxMn4E0zlbRNGr0BKAbwmzs_-uUMw&google_hm=MjE2Nzk0MjgxMzgzNTgzNjg0Mg%3D%3D
Request Chain 254
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENha-KOU19oZNpsboZLtmMA&google_cver=1&google_push=AehlK4Ag3qRkL34S9XjBCli170M0vTwC-N4vnV6K_NOfLEZL_T1yANAnDgpNS35GuzIsv-oy4XPlr6fqyZ8rIqo8mu9cumKw4CDlEC1SXXlyG-W8pziXg36zs6rlZ6Ap0fa6gUZrb8vVqtO4d1Afmqj87A0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4Ag3qRkL34S9XjBCli170M0vTwC-N4vnV6K_NOfLEZL_T1yANAnDgpNS35GuzIsv-oy4XPlr6fqyZ8rIqo8mu9cumKw4CDlEC1SXXlyG-W8pziXg36zs6rlZ6Ap0fa6gUZrb8vVqtO4d1Afmqj87A0
Request Chain 255
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJK3yuSmshtoq8nSpU-7eng&google_cver=1&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqTGGbrHQPFtffZMEkmOfFnfVdrJP-qLW2IHF3ilzSGcUWFdAJAGnUIdr4j1ASx40FQxPq6gI-VHnI HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJK3yuSmshtoq8nSpU-7eng%26google_cver%3D1%26google_push%3DAehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqTGGbrHQPFtffZMEkmOfFnfVdrJP-qLW2IHF3ilzSGcUWFdAJAGnUIdr4j1ASx40FQxPq6gI-VHnI HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1908240396760235712&exchange=193&google_gid=CAESEJK3yuSmshtoq8nSpU-7eng&google_cver=1&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqTGGbrHQPFtffZMEkmOfFnfVdrJP-qLW2IHF3ilzSGcUWFdAJAGnUIdr4j1ASx40FQxPq6gI-VHnI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqTGGbrHQPFtffZMEkmOfFnfVdrJP-qLW2IHF3ilzSGcUWFdAJAGnUIdr4j1ASx40FQxPq6gI-VHnI
Request Chain 256
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEFTdbD5L__aSo01KjQMvF_A&google_cver=1&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSxXJ7rATAZZQUVX2jynJ2TPzpMwvqG2bUNsOx-UnccMZwRCFzUAF29URvakLR1jMg1F7OClX0JiOEXotky2zbiDl0vjGo HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEFTdbD5L__aSo01KjQMvF_A&google_cver=1&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSxXJ7rATAZZQUVX2jynJ2TPzpMwvqG2bUNsOx-UnccMZwRCFzUAF29URvakLR1jMg1F7OClX0JiOEXotky2zbiDl0vjGo&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSxXJ7rATAZZQUVX2jynJ2TPzpMwvqG2bUNsOx-UnccMZwRCFzUAF29URvakLR1jMg1F7OClX0JiOEXotky2zbiDl0vjGo&google_hm=OE4xcEpFNkFKT3k=&suid-set=1
Request Chain 257
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1&google_push=AehlK4AALU4rikSLJ49tBdzWgsKf2Nh899aXEQ0GkvJ0U_W_-rJcnR73WuCo436qUXxG8Gvtcf7lPlNeJq4ldLF5X5GHVttP9D6VTH70pWulvAfzWnBI3hoCEixtmKwVlSIAOLO3esprPR-_9NPN-WqDcWBF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1j9Sr7X2wFshs2awltfyWlgd5QkEVxQ&google_push=AehlK4AALU4rikSLJ49tBdzWgsKf2Nh899aXEQ0GkvJ0U_W_-rJcnR73WuCo436qUXxG8Gvtcf7lPlNeJq4ldLF5X5GHVttP9D6VTH70pWulvAfzWnBI3hoCEixtmKwVlSIAOLO3esprPR-_9NPN-WqDcWBF HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 318
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 319
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1f3ab44-b55a-43a0-bc86-e25039be30dc&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 325
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3418254032047919557&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 326
  • https://match.adsrvr.org/track/cmf/openx?oxid=e4130486-cc27-7c9f-d05b-0d1c3ba12ca1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=e4130486-cc27-7c9f-d05b-0d1c3ba12ca1&gdpr=0&gdpr_consent=
Request Chain 327
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwH5QMCo8YUAAOViAlAAAAAA
Request Chain 328
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZdXErv9jx90ks8ADsWuCIhCu88AAAGCv7WtBA
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
Request Chain 334
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=1&gdpr_consent=
Request Chain 336
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7685986172581752304
Request Chain 338
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1qRwrvHsCI4YmStpqC8eB9n4cYdCoqg
Request Chain 340
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMHyh5gGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 341
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1
Request Chain 345
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&dongle=0cfd
Request Chain 355
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQyMTQ1NDYwNTIxODI2MDQ4NDA1 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUJio1VzebS9MGp1XKBzlM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 357
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQyMTQ1NDYwNTIxODI2MDQ4NDA1
Request Chain 358
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=442145460521826048405&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=442145460521826048405&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=df6a7ade-e186-45b8-9d30-d1c75021f4a3&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=df6a7ade-e186-45b8-9d30-d1c75021f4a3&_noobservation=1&_expected_cookie=c196330926a7ee2fb3d08c5188d440d1
Request Chain 361
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/442145460521826048405?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-UMcf9dlE2oQM04ylySUDVUKWcby2M.OV3GnKhZiNig--~A&dongle=0883
Request Chain 362
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=442145460521826048405 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=442145460521826048405&dcc=t
Request Chain 363
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=FuFg1ugg92Qp6DkxsGln&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IZ2UMZZROVTWOOJSKFYDMRDLPBZUO3DO&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IZ2UMZZROVTWOOJSKFYDMRDLPBZUO3DO HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FuFg1ugg92Qp6DkxsGln
Request Chain 371
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-4anBZnhQlCisgNid7toQw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-4anBZnhQlCisgNid7toQw
Request Chain 372
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=&expires=30
Request Chain 373
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/L7awvALb9krb8Iqn0OuOr8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2167942813835836842
Request Chain 374
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734EPFT-1K-M6X4&sigv=1&esig=2~b03e4b6e5f6999036e982ce7fd95ceffe3553e70
Request Chain 375
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkwOTE3YzdlYzRmNzFhNjA3YjY1OWJmNGZjNmY5OWMzM2NmN2NjYQ
Request Chain 376
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGosGwdcZusGwvbgF8qsRnI&google_cver=1
Request Chain 378
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEVQRlQtMUstTTZYNA==
Request Chain 384
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 385
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L734EPFT-1K-M6X4&gdpr=0&us_privacy=1YN-
Request Chain 386
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7685986172581752304
Request Chain 387
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FLqSDRZHQJK9P_S-Q-uJYsSC
Request Chain 388
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FLqSELZHWopT95PNT06HPN4M
Request Chain 389
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzNhODg3OGYtMzE1NS00MzQ2LWJjNjEtZGU3NzY2YjU3ZDk0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMVQwOToyMjoxMS40MTYzMDZaIn0=
Request Chain 390
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661073731414 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2655029591 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Request Chain 391
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759393972564243
Request Chain 392
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=f7e58d47-f487-435b-8128-b9bff81fc66b
Request Chain 393
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F89%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D39fcf0e9-8d6a-4a8f-a40a-f2578cbea260%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/89?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=39fcf0e9-8d6a-4a8f-a40a-f2578cbea260&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=7685986172581752304 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F89%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D39fcf0e9-8d6a-4a8f-a40a-f2578cbea260%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
Request Chain 395
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3Dhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D346%2526uid%253Dua-749c1111-eb65-3456-a62e-bfc9b5f8a859 HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=c4d3025e-e3c4-45fc-b549-55f08a384ada&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3Dua-749c1111-eb65-3456-a62e-bfc9b5f8a859 HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
Request Chain 396
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
Request Chain 397
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&dcc=t
Request Chain 398
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&expiration=1663665730&gdpr=0&gdpr_consent=
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1
Request Chain 401
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
Request Chain 402
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
Request Chain 403
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ef66301-f940-4b00-ac3f-b249d156aa03
Request Chain 404
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=90666d9d-421a-4c81-abaa-d1ed419e945a&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 408
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7685986172581752304
Request Chain 409
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YwH5QwAIBi9DtAAK HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwH5QwAIBi9DtAAK&_test=YwH5QwAIBi9DtAAK
Request Chain 410
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3418254032047919557
Request Chain 411
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHtkE7GA_MAABCb-k8k5Q&expiration=1662283331
Request Chain 412
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3fca4e58-0e5e-47c6-9efe-80e9baadbaf0&expiration=1692609731
Request Chain 413
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
Request Chain 414
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=YwH5QMCo8YUAAOViAlAAAAAA&expires=30&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b3e17a5-92e0-4399-9d31-33cf70c1789e
Request Chain 415
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3582f438-f2f0-4cbd-b57f-2ed5d6e5268d&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 417
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1rR-8NnT_8OqHiKLbA09w54DpQtq71g
Request Chain 419
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
Request Chain 420
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=L734EPFT-1K-M6X4&gdpr=0
Request Chain 421
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7685986172581752304
Request Chain 423
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6214874680473096912
Request Chain 424
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WBDUFU0IA20muqRd7rOWE-iM-y__3M-h1yU5a__H_rM
Request Chain 425
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FBQjY4RkItRkJGOS00QzlBLUIzQ0QtRjlFNDBEMjFBQTM4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Request Chain 426
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
Request Chain 427
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
Request Chain 428
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5b3e17a5-92e0-4399-9d31-33cf70c1789e&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10529838142102681692&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10529838142102681692&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dacf31c4-42ff-498d-bd87-3afb89966d1e&ssp=onetag&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10529838142102681692&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231983304250167149851&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10529838142102681692&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 433
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YwH5QwABSV2MnABN HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YwH5QwABSV2MnABN&gdpr=0&gdpr_consent=&_test=YwH5QwABSV2MnABN
Request Chain 434
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOyrXOb2lRi1tBs1MWuAnvtV-Ux37agxKfuwVO4g&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=1893933702894523039&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/7/3.gif?puid=7685986172581752304&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOyrXOb2lRi1tBs1MWuAnvtV-Ux37agxKfuwVO4g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/6/4.gif?puid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttl=%%TTL%% HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGfBe9ow4FhQJTNOM6aHKGA&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGfBe9ow4FhQJTNOM6aHKGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7685986172581752304&opid=apx&ops=&utidl=tech:goo:CAESEGfBe9ow4FhQJTNOM6aHKGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A28829868969&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAHtkE7GA_MAABCb-k8k5Q HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 435
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c73adda
Request Chain 436
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7685986172581752304
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5b3e17a5-92e0-4399-9d31-33cf70c1789e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5b3e17a5-92e0-4399-9d31-33cf70c1789e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=222a8f68-4816-43d8-8341-dd155b04d2a5&user_group=1&ssp=gumgum2&bsw_param=5b3e17a5-92e0-4399-9d31-33cf70c1789e HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=5b3e17a5-92e0-4399-9d31-33cf70c1789e
Request Chain 438
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e&obuid=ENC(i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3Di_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=456c2256-b84a-4193-8b48-6957e9dc86dc&obUid=i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0
Request Chain 439
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=132ea0f6-e432-44c9-b720-1df1f3f12de7
Request Chain 440
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-635ada6b-2e87-444c-690a-f6779923511b$ip$103.209.254.5
Request Chain 441
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5FAVWCBE2pf46s0z9skhaDbNaUu9XM.esAUy~A
Request Chain 442
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=03ac70cd-a13c-4652-9437-75cc783e5575
Request Chain 445
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=hh-XwatS-qAYScs12pxc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22DIFVMHOYLUKMWXCQKZKNRXGMJSOB4GGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22DIFVMHOYLUKMWXCQKZKNRXGMJSOB4GGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hh-XwatS-qAYScs12pxc&us_privacy=1---
Request Chain 446
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=456c2256-b84a-4193-8b48-6957e9dc86dc
Request Chain 447
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1661073731414 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1878904262 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Request Chain 448
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=xKjJLpkxNiQz&ev=1&pid=558355
Request Chain 449
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1893933702894523039
Request Chain 451
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
Request Chain 452
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC
Request Chain 455
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
Request Chain 457
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YwH5QMCo8YUAAOViAlAAAAAA
Request Chain 458
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YwH5P6jl3HQWy3adPjXdYgAA%26887
Request Chain 459
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=dRofJNyj00kklMRai5ve&pi=gumgum&tc=1
Request Chain 460
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 463
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L734EPFT-1K-M6X4 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L734EPFT-1K-M6X4
Request Chain 464
  • https://c1.adform.net/serving/cookie/match?party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Request Chain 465
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Request Chain 466
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rh_HmyT-TQWd90sBQ1-uOA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 469
  • https://idsync.rlcdn.com/420486.gif?partner_uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6e2b1bd1382c36b58d514944c9cba286f324b36f0537ca206b5592a24ed74884791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2ZTJiMWJkMTM4MmMzNmI1OGQ1MTQ5NDRjOWNiYTI4NmYzMjRiMzZmMDUzN2NhMjA2YjU1OTJhMjRlZDc0ODg0NzkxNDI2YjU0MTdkY2UyMRAAGgwIw_KHmAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2ZTJiMWJkMTM4MmMzNmI1OGQ1MTQ5NDRjOWNiYTI4NmYzMjRiMzZmMDUzN2NhMjA2YjU1OTJhMjRlZDc0ODg0NzkxNDI2YjU0MTdkY2UyMRAAGgwIw_KHmAYSBAgCEABCAEoA&google_gid=CAESECeX12YRelquczgVid57KuM&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=51434540-3893-413d-8a6a-8ab6833a98fe
Request Chain 470
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ef66301-f940-4b00-ac3f-b249d156aa03
Request Chain 471
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDYxRkM3OUItMjRGRS00RDA1LTlERjctNEIwMTQzNUZBRTM4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMUzImp6vMmt55gFszjFnsw&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Request Chain 473
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CF7483954E1940709E69873CC72091EC
Request Chain 475
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Request Chain 476
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7685986172581752304&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Request Chain 477
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=E8VZbkPPWjsIklFtR8dEZxfAWDoIx1prE5d2HxgL HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Request Chain 478
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1f3ab44-b55a-43a0-bc86-e25039be30dc&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 480
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L734EPFT-1K-M6X4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L734EPFT-1K-M6X4
Request Chain 486
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wraagdkjfj6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 487
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:i5DgjOCl1OpH9R5&gdpr=0&gdpr_consent=
Request Chain 488
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004&rndcb=8136756405 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5b3e17a5-92e0-4399-9d31-33cf70c1789e&google_hm=NWIzZTE3YTUtOTJlMC00Mzk5LTlkMzEtMzNjZjcwYzE3ODll HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOtdzi83siBMmLYPm1VIdC8&google_cver=1&ssp=adconductor&bsw_param=5b3e17a5-92e0-4399-9d31-33cf70c1789e HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5b3e17a5-92e0-4399-9d31-33cf70c1789e?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Request Chain 490
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bea001d0-2132-11ed-80b9-9113a8cf3a64 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Request Chain 492
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=461FC79B-24FE-4D05-9DF7-4B01435FAE38&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=461FC79B-24FE-4D05-9DF7-4B01435FAE38&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 493
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=&ct=y
Request Chain 494
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=461FC79B-24FE-4D05-9DF7-4B01435FAE38 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dacf31c4-42ff-498d-bd87-3afb89966d1e%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=dacf31c4-42ff-498d-bd87-3afb89966d1e%2C
Request Chain 495
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1756822123006844034 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7685986172581752304 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 496
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3418254032047919557&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7685986172581752304 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 497
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=731f7eedf1ea1fff&is_secure=true&networkId=17100&version=1&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXg0q_j2TDgNeZwz4AAAAAAA&expiration=1661160135&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&is_secure=true&gdpr_consent=&gdpr=0

496 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
www.bg3.co/a/ 		52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3569b93e6740e1a601fccccb01da9b5bce280f4e8f4bf1baca090b3fef3ca3f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Aug 2022 09:22:01 GMT
ETag
"d03b-qANnGge54ASpxu4jUarbFhPeqJ0"
Expires
Sun, 21 Aug 2022 10:22:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Sun, 21 Aug 2022 09:22:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Aug 2022 09:22:01 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Sun, 21 Aug 2022 09:22:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Aug 2022 09:22:02 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Sun, 21 Aug 2022 09:22:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Aug 2022 09:22:01 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Sun, 21 Aug 2022 09:22:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Aug 2022 09:22:01 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZURahhBue5e137fFxsKI9WRHt8Ff8etmBxg7DnCI1mWrLKowXbPM%2F03SKgbLjVyU%2BZ73gCuNQ%2BMKLqaveGEuuWVGjUcaF%2FzAQj1unsp8vAddYKDNGQTkuqTkO1he2Y0MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73e24d4c3c095a73-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:02 GMT
content-encoding
br
last-modified
Sun, 21 Aug 2022 07:00:09 GMT
server
nginx/1.18.0
etag
W/"6301d7f9-8ea7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=10, origin; dur=222
content-length
9533
expires
Sun, 21 Aug 2022 10:22:02 GMT
adpushup.js
cdn.adpushup.com/42753/ 		513 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 21 Aug 2022 09:22:02 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 10:07:01 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
x-cf-geodata
AU
content-type
application/javascript
content-length
120666
expires
Sun, 21 Aug 2022 10:22:02 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4293
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFAfT4KvusCLkfFHOJh%2FSzINFAUmKJltaxTqfnG9eeH672ArVw%2F1SjaggwZJxYmIvwFaNlf5CySNn2k4HLrSN2Xp%2FIO2aCR8U0rxjRZPhskLSKm7rua3nNW6fOheXVIptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73e24d4cfd495a73-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:03 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:03 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5406213409859806&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:02 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.97152027874544&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:02 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
3e3255afbd3e74896a3d467529153435.jpg
static.bg3.co/imgs/202106/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/3e3255afbd3e74896a3d467529153435.jpg?w=800&h=543&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a8dae77651a8899acd413f39b00636042d47a39f9f251626f71f9fd49c8410

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 20:14:58 GMT
server
cloudflare
etag
"3E3255AFBD3E74896A3D467529153435"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryg0WZBzepdrzkP1CpzWopBRuf%2BAvJtKaW6hgsPnRLUSt3yeeNW%2ByTZmErQNvdZn0wYqlhRU4QyYbMf8AnnsRTn1pP6OfsfLy5AM%2BBgxXjDCnSUWO%2Bljzy95rCo2COw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4f7de85a7f-MEL
content-length
84928
expires
Sun, 28 Aug 2022 09:22:03 GMT
089c32912945405345d5254b9644ec1b.jpg
static.bg3.co/imgs/202106/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/089c32912945405345d5254b9644ec1b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f81904ff710efe37490baba856731f5ba0eb6c8e632b46a1f6ac46c07c5aac5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 05:44:54 GMT
server
cloudflare
etag
"089C32912945405345D5254B9644EC1B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4bt6a144V06H73xpxlHo9V8PpT2RSSz6JQUby%2FiDd%2FwCvRtnXGXFPqxNCTbUXyCkHv%2FmjM9P8gTSc%2FlRzcaP4BwxNkYRcYkFN5wurA%2B%2FBpdhcOC0%2BhJCRHOzGzMVjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eecd75a7f-MEL
content-length
7436
expires
Sun, 28 Aug 2022 09:22:03 GMT
faee51edfb68f6e903d9672d882a0d66.jpg
static.bg3.co/imgs/202010/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202010/faee51edfb68f6e903d9672d882a0d66.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0f293420259a5311c1ee4eebec0c6318fc0afcdbb46649e913cc2e0faa1704

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Wed, 21 Oct 2020 09:55:00 GMT
server
cloudflare
etag
"FAEE51EDFB68F6E903D9672D882A0D66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O6rMC32cZh9%2BOhpAlhu9jcTFKhRDirYxumffLLqKwj5rJh3R%2BK%2Fvxa7VUvo6EQR%2Bz2c1ZmEqD7rxdx0bSxjtFJH7p5kGpXX2twPNhr2BC703RNZQAzy42zzGXSk7Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eecc95a7f-MEL
content-length
3985
expires
Sun, 28 Aug 2022 09:22:03 GMT
cde2a37ef0a10c41490d325daf46f2b0.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/cde2a37ef0a10c41490d325daf46f2b0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1d364683bafd44cef44405cd77f9dbe405c2795d589407f22141224648ff72

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 19:12:39 GMT
server
cloudflare
etag
"CDE2A37EF0A10C41490D325DAF46F2B0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p3o88TrE7r8%2BGtoF4kQUke2VWivF1l5%2F4%2BrCk0LReubAGLdj7jCN%2B3UuXHlP49Y8Yt%2F%2FcZavxSkhgkgwEvupPVu%2FVWpDPHy2RpR%2Fh6BqWhzOrP1n7v8P8yGHgVOsYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eeccc5a7f-MEL
content-length
8082
expires
Sun, 28 Aug 2022 09:22:03 GMT
fabf1089b8586b2610913c46d49cbb4b.jpg
static.bg3.co/imgs/202205/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/fabf1089b8586b2610913c46d49cbb4b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6fec1d5fc0b781ed6c0447bcf2f7e55ace90f19ec1b8b58d1800fd2160a37a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Thu, 19 May 2022 07:03:02 GMT
server
cloudflare
etag
"FABF1089B8586B2610913C46D49CBB4B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Yc%2F3yUBkRsbZjuRN1vF7K9gn5GprEkR7EviTG6ZEixapvHShmBvd%2B8SAeCZkinjMg1MKIDFbYlg7izg7wx4X96h9FYV3Dotzz3sfwW%2BYxuSRkN9g6NVdxjmQDQtGCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eecce5a7f-MEL
content-length
7262
expires
Sun, 28 Aug 2022 09:22:03 GMT
7838f073ac86afa4b7b988d40b672197.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7838f073ac86afa4b7b988d40b672197.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3577fb6836ce8196d135aec683780e913eb06cbeed2796e1049397d9e48dea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 05:15:39 GMT
server
cloudflare
etag
"7838F073AC86AFA4B7B988D40B672197"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN7uCzAfgfy3AIEsnh5FXQyzgMYDsQ%2FbaqkSqVUY2%2BvN%2FgeUZQv83sJUEzldGihPh9GfUOl8sljrJFj%2FP37ds5%2FIxrHS65mCO6EhzoJxJlteQZcML38LMGlq5Do5hh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eeccf5a7f-MEL
content-length
6726
expires
Sun, 28 Aug 2022 09:22:03 GMT
8336f3b16cdd005aa8c782ad3e0dc270.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8336f3b16cdd005aa8c782ad3e0dc270.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b228c5f8c00ed84b7e44f3e0bfba3fa0b050d39bca08194e70bed45d61ce87a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 21:22:09 GMT
server
cloudflare
etag
"8336F3B16CDD005AA8C782AD3E0DC270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iLOkHT7qdzB5KCVvfJXTEOh%2Boe2nf44m3nvZ%2BHw%2FUrCd%2BHTMYWm7jCb2%2BOFXaAowwK1qPw0%2FLE%2FuzAaprheUQubo5tI1LqpvHRoaarKqSxPRl%2FDJXa7G8h9VU4zxe4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eecd15a7f-MEL
content-length
3907
expires
Sun, 28 Aug 2022 09:22:03 GMT
367bad4eb67dde6da275030aaccc99e7.jpg
static.bg3.co/imgs/202106/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/367bad4eb67dde6da275030aaccc99e7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876037e1d211d367908afbced450a9fc5269f2cb81dd460fc3658a4431d36187

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 07:36:43 GMT
server
cloudflare
etag
"367BAD4EB67DDE6DA275030AACCC99E7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQznek%2BbFXgcB5c5ghhTlE1%2F%2BNsOAafeDU0le7Z2K7%2FbNdJhspAxE0wd8ndjgVNZbihkI6dx59lzhSZOs5Pvz4Zxnj0P9vCLmz8AXf3VwVnOuEepO9xuh5d5YqwLYjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eecd25a7f-MEL
content-length
11398
expires
Sun, 28 Aug 2022 09:22:03 GMT
3425a2a44360fee2fb21a81bc31bf187.jpg
static.bg3.co/imgs/202205/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/3425a2a44360fee2fb21a81bc31bf187.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5a92e9a4da7e3cf56a01470b69bc321b6ec7168b8cb57a8e7d636e5d55b76b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Fri, 06 May 2022 07:04:57 GMT
server
cloudflare
etag
"3425A2A44360FEE2FB21A81BC31BF187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKFl%2BQRIEDvCvfwlyzFrCi7vO2%2BBOlO9xdbghKk36JiGtWwNXjXpysunULSYgEMaTzFeiNC3hYFTVZeQzCM5KpAfao9yrl8G8gRdRhAEJOi76x6C098%2BRaUFgcJnnog%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d4eecd55a7f-MEL
content-length
8291
expires
Sun, 28 Aug 2022 09:22:03 GMT
78ca114ad3299eb4aedd05bdc64cfa20.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/78ca114ad3299eb4aedd05bdc64cfa20.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74509b738f8c3828a0e58dbd0f7badaceeaf7e9513586cf57732fe24ef839a5a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Tue, 18 May 2021 03:49:48 GMT
server
cloudflare
etag
"78CA114AD3299EB4AEDD05BDC64CFA20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnH9PUCM7jSbI3ovo2t8H0E85%2FcD7TpkVOZawrJRmNTvCEseWssUx%2B8gxIRwTVeEYyHIBHpIRR8Lh4%2BfczWdzzKtY8WLbtxpgknaHll8tyHhMH70DfhOGGQOPxIDGDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9505a7f-MEL
content-length
2691
expires
Sun, 28 Aug 2022 09:22:03 GMT
0fafff50c9bc3c16dc0eec84796eb668.jpg
static.bg3.co/imgs/202204/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/0fafff50c9bc3c16dc0eec84796eb668.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a6138ea0db2ad80451df7fb182cccf8d0598dc9641a9fdbfb5aa5861dc3cfc5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Apr 2022 07:07:59 GMT
server
cloudflare
etag
"0FAFFF50C9BC3C16DC0EEC84796EB668"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YGAZE9Jyi22pTGskXKbyEc4t994fhlKCDa0%2BuYDVoDcA5ApMCpia14XpGcWQtxoaz2dfgeb5%2F%2B%2BM6pDEC3FK6loqKHzMekSUSWo45ysNDbYmfxPyuN8t%2BRz6TiiTRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9545a7f-MEL
content-length
6221
expires
Sun, 28 Aug 2022 09:22:03 GMT
2f0f740a4a1c233d562e84481fdf1b1d.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2f0f740a4a1c233d562e84481fdf1b1d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a5b1bfa627e17a16d63df1b840918e9898b47d3a3b9006cce89818ec7590ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 23:56:09 GMT
server
cloudflare
etag
"2F0F740A4A1C233D562E84481FDF1B1D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2FQaSrZJE8Fwq7uTXKMbR4aLhxA%2FI0KHud68gm2YnTqUyosLTdOMXVhtp0IC6qRwX8uttTBSKJGqoR1gLdH3LISK3JeQwpsZDzcpo1bkPJoG%2Fbx%2BlFPBdpdAn3IJa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9565a7f-MEL
content-length
8708
expires
Sun, 28 Aug 2022 09:22:03 GMT
e928034c79e82a2ecfc90d08476d5be4.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e928034c79e82a2ecfc90d08476d5be4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc3ce86228cfece3b66864c9d22a3ee64ffdb1fab21b3ba51a6d0d22febb3f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 04:34:01 GMT
server
cloudflare
etag
"E928034C79E82A2ECFC90D08476D5BE4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtqVj7fQSzl3JUDIWJgimt6IoVkHNvCZCByF0RO6Muwiyyepe7FMOTxuINbnYWT1I1JX5RTBq%2B24ugaFt4ULInxOpkzR6jjABuEq2%2B0LP6XW52sotd8vr4wjxQlQVXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9585a7f-MEL
content-length
4800
expires
Sun, 28 Aug 2022 09:22:03 GMT
b7de9147d09abd9c94763f632f56c091.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b7de9147d09abd9c94763f632f56c091.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863cd8fa1c2160463b44c65a419195500af58459c71d7bdc7d1e6f9b8ac33671

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 14:26:05 GMT
server
cloudflare
etag
"B7DE9147D09ABD9C94763F632F56C091"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogUKgwgvDDuiigJ5lha6QcYqYzkEwqTUokCm%2Bw6gX5lfa9tHxNLM%2B%2FwNLCEpNczwbtLAOgwOvs3DzSSjcv5bB5268UZOKp9kgilH7G3pb7TCxR6TgifNNotNhv6nmyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f95a5a7f-MEL
content-length
5739
expires
Sun, 28 Aug 2022 09:22:03 GMT
62c21f72eab1fa339d1930ef0b58d62d.jpg
static.bg3.co/imgs/202206/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202206/62c21f72eab1fa339d1930ef0b58d62d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c24be0dc33e4732d9c2db83132ee72761d96ac41eda9c5bf34d7447cca18098

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Fri, 17 Jun 2022 07:06:43 GMT
server
cloudflare
etag
"62C21F72EAB1FA339D1930EF0B58D62D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar%2BsAl31LdjIEE5Nv3JUEzU0%2BJ2SxE2CUj4jRE9aNOMVOeaBqwWRJ6mX98HPbnIPP5iiOmOuC1xbAoGXG5MpW4H8vyUX2Rdh3vDaLqXzmzAAFwlKWPbRsNwa8lcTxaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f95b5a7f-MEL
content-length
6195
expires
Sun, 28 Aug 2022 09:22:03 GMT
05e35b20fd8deb54070ceb1cec472685.jpg
static.bg3.co/imgs/202106/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/05e35b20fd8deb54070ceb1cec472685.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa0171d4efb65328150bc36ef873148854e83729df444f9570c761dcb2a25c03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 08:57:58 GMT
server
cloudflare
etag
"05E35B20FD8DEB54070CEB1CEC472685"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hGVQUdzYxN9jGvsNkhkBlbBUvSLgu%2Bnwp9rmBjCJW0O2jyalLOii8%2B0BGzTj9zBcbd7EMG1%2FXzqs3IsbP4ROkvjBTRSP7tRZ71dwuZhvZXcVCRTzi3fNeOFCXZ0pak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9605a7f-MEL
content-length
11458
expires
Sun, 28 Aug 2022 09:22:04 GMT
be1d12d965b4ed6704079a725d81d67c.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/be1d12d965b4ed6704079a725d81d67c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f891f6d2e72cf7026a272b6dc70a81bbb8af731a28c5fc97d086ea9abd1502

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 15:59:12 GMT
server
cloudflare
etag
"BE1D12D965B4ED6704079A725D81D67C"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCnjkUHykAAv%2Fooo9k5b0CnIV3226%2F43K3NkHavcXOuSgiWvPVJta9MvyPqBKeS2ggVndZb39ApmDHvJxxlItfqwHocdcBuyvThDBTrnda7vxm6shojvcmVJQAiifv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9625a7f-MEL
content-length
8089
expires
Sun, 28 Aug 2022 09:22:03 GMT
3599e3f8c918c33c5f773fe216bc7850.jpg
static.bg3.co/imgs/202111/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/3599e3f8c918c33c5f773fe216bc7850.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e8c4c95fb9f73d6b2f92abccbdf535308533079c5385ffb3f12f423f7b0524

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Nov 2021 03:54:30 GMT
server
cloudflare
etag
"3599E3F8C918C33C5F773FE216BC7850"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgD%2BHEmz2mfLCHMZ4QHEYKmXACUoKeRo9gROko8%2Bou1zUL6VWi5yj%2B3IF7l74%2FgrXOCtykKaYUMZVHJopX8G38K0gzbfMd2xb7qLfHdR73nNpns%2FfX4gxeiMsGr9LDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9645a7f-MEL
content-length
7435
expires
Sun, 28 Aug 2022 09:22:03 GMT
4dd1e0a3b2b63a1a58c5011b63dc565b.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4dd1e0a3b2b63a1a58c5011b63dc565b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de02b286183f13e11ca5ae8dd08f80e11818b6a3ea4973b67d17e2e89bca0cce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 12:12:41 GMT
server
cloudflare
etag
"4DD1E0A3B2B63A1A58C5011B63DC565B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTQJyzeEIqxI%2BtNM9Fi4z6R7C9W6BySUNP5Uut4aesjMPr9CUw0C4ghF9f2WyJATCziwRHf12j7M9eq1QKLYcfHNhYhfHBUSwm95iLFd%2BejxTfPAErYUIjMaRglCZQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73e24d50f9675a7f-MEL
content-length
6797
expires
Sun, 28 Aug 2022 09:22:03 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
380964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:32:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:32:38 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
245863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Thu, 18 Aug 2022 13:04:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 13:04:19 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
1013 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c53f4706b6959f19ff2d7b6ac019b91cb3eb325d8e5024c6613e226506d6d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
380964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:32:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:32:38 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661073723.dop223.la3.t,1661073723.cds264.la3.hn,1661073723.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
117783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 00:39:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 00:39:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 79E9 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
04724be875e6e6f5ca0e9e9e044ee7e199820365584b4333079c56db00bb15a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
server
cafe
etag
6897135458192158490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:22:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 09A5 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
fdbb68ce0799da05f4952b077678ab33e6f5de147af83b77a8572f448fe3c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40303
x-xss-protection
0
server
cafe
etag
6886440878872419893
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:22:03 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661073723.dop223.la3.t,1661073723.cds264.la3.hn,1661073723.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
380786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:35:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:35:37 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1AC9 		714 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73e24d520fce3771-MEL
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:22:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLKOpMUyIUaAaUMHUzUotzLytJIPcIU5nIg9qzkESd6yYSRXmhS8mlMYr7GcmOIWdeWDH1WFhhhttC5Zx7er9iME2Dx4cTpIj%2BVntq0qX%2FM9sQl%2FU4D1g5002uD%2Bri0pEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:03 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 8DE0 		714 B
821 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73e24d521fec3771-MEL
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:22:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv7kMDrpdjPk0LtD19hSqTjCIkZpknJZ5sN2u7r3HnvQTJmXBwdvh6q4SkacFxBgZIttrtBqdYED0Gq2cFy32hUbDEj7b2AXwpl4sihV4ohf5ZxmtD2bzkfCs5cLrY8UaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1AC9 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
0c9aa48a9dff744077cecac94c091930d9495b118a53160a65090bc8e1ae37fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28489
x-xss-protection
0
server
sffe
etag
"1309 / 787 of 1000 / last-modified: 1660946721"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Aug 2022 09:22:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8DE0 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
0c9aa48a9dff744077cecac94c091930d9495b118a53160a65090bc8e1ae37fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28489
x-xss-protection
0
server
sffe
etag
"1309 / 974 of 1000 / last-modified: 1660946721"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Aug 2022 09:22:03 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-14199441001193768644.ampproject.net/2208051912001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-14199441001193768644.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
351943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Wed, 17 Aug 2022 07:36:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 17 Aug 2023 07:36:20 GMT
pb.42753.1660729490688.js
cdn.adpushup.com/prebid/ 		327 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
br
last-modified
Wed, 17 Aug 2022 09:45:26 GMT
server
nginx/1.18.0
etag
W/"62fcb8b6-51a96"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-type
application/javascript
content-length
93943
expires
Mon, 21 Aug 2023 09:22:04 GMT
4b20ef46-4ed2-40da-bd42-8cbef305cbd9
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/4b20ef46-4ed2-40da-bd42-8cbef305cbd9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661073723649
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Sun, 21 Aug 2022 10:22:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame 09A5 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f1f7753af419f8014dfe809978f84123b23a9dabdf3b27d05f001fad032e3097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122731
x-xss-protection
0
server
cafe
etag
10226188417344260102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:22:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame 79E9 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
bce7b7a333407f4649b212295c4ae99cfc020e26db50d87e3c92138bcf0426a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
15332994839126793295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:22:03 GMT
pubads_impl_2022081501.js
securepubads.g.doubleclick.net/gpt/ Frame 1AC9 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 13:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133600
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:36:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Aug 2023 13:46:19 GMT
pubads_impl_2022081501.js
securepubads.g.doubleclick.net/gpt/ Frame 8DE0 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 13:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133600
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:36:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Aug 2023 13:46:19 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%89%B9%E6%96%AF%E6%8B%89%E5%89%B5%E8%BE%A6%E4%BA%BA%E9%A6%AC%E6%96%AF%E5%85%8B%E5%86%8D%E6%8E%80%E8%A9%B1%E9%A1%8C%E3%80%80%E7%99%BC%E6%96%87%E7%A8%B1%E5%B7%B2%E5%88%AA%E9%99%A4%E6%8E%A8%E7%89%B9%E5%B8%B3%E8%99%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-idMEiQFbJ9Suui_f_axjxQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3612467297956037&gjid=0.4988748551747004&_r=1&a=8221&z=0.3879033627478785&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-type
application/javascript
content-length
211
expires
Mon, 21 Aug 2023 09:22:04 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-type
application/javascript
content-length
17440
expires
Sun, 21 Aug 2022 10:22:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
7aa5aed44c586034cb5f6807292dbb5b2a23a5d1c24c43383e2884e446c93fd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28491
x-xss-protection
0
server
sffe
etag
"1309 / 654 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Aug 2022 09:22:04 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		0
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		0
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		0
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		0
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		0
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		0
0
cookie.js
partner.googleadservices.com/gampad/ Frame 09A5 		379 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
73d39859c7cd0f5a031e4530a0a9f0b8ad5170f50fa919221e4ff79e11c109ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 09A5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 09A5 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A945 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
ed0f520175b3c7bd82e9ff3b2ce4b7bf312f57a64241ed1ba1349c580cdbb451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10903
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:05 GMT
expires
Sun, 21 Aug 2022 09:22:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 79E9 		379 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
4873f1af4037d7fa5a5150c6dc4a9af05d7436c2e85f908e886336c9ee300385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 79E9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 79E9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 869F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1436
content-length
673
content-type
text/html
date
Sun, 21 Aug 2022 08:58:09 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 beabd6d4d869f3809233bc395642a58e.cloudfront.net (CloudFront)
x-amz-cf-id
b_Ja_2AJ_2Zoi8SBnmCfsXr-dkloLGU8MUgTeH8GiuUNx4C0ITi5xg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:05 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A684 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-27549019203291375241&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3114&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=9008221&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&ga_hid=8221&dt=1661073723605&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&bdt=2124&dtd=350&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:05 GMT
expires
Sun, 21 Aug 2022 09:22:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 21 Aug 2022 09:22:04 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1179
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220821
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad553c8914341fa2e36b85250a3e5d13ab0fa097791225eebb3cb524f66a7858
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22855
x-jsd-version
1.0.1438
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19171-FRA, cache-iad-kiad7000022-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"669-yug9y6LIrb5kxbwlPC5J+XxzUPI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ADYQaLhPmUa7%2B5%2B9yczxjCHQNfoy76zqdZPdVL4mwSS4P1LNO8thy3KMM66m4Xl6Z4I8ZoChTFX55%2BJkrWUhGoMYaSkqjDPcUf4L6amCwnWkg08O6fcFakjOd%2Bqd9uvlSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73e24d5b9e2a5ac0-MEL
access-control-expose-headers
*
json
gum.criteo.com/sid/ 		334 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
5792b4b79e75727b85159ca802c90876cdec67c054cfd0b3643cb6ccbdae6cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3133
strict-transport-security
max-age=31536000; preload;
expires
0
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Aug 2022 09:22:05 GMT
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5829
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 21 Aug 2022 09:22:04 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
3
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		94 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.219.40 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-219-40.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8c10396c8a95a902b6bbbc9e3f7576627dff1d27d3e0ce5a26e918d6da4ddb97
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
13680
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.123.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0f188c53aefc1be7e574d4c8d0a2e5107a2381eea0d3558b57cce87463f89543

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.123.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7625582929e58467c1010bd042ea0359fa27e9ce530821428be745af852102fd

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.123.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0c68f1fca1bf8f8f75606c189c6e78e74046307f4cc90e14ef50b4a7e3ebe7a8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=37bf3bdf-65a0-4368-8a8d-c5f45f861f5c%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=378ea5be-ed8a-4f43-9478-30d5fd427bbc%3B5ddc39a6-2284-42e5-9054-5828a9fdf000%3B05ff131c-6f6d-4c83-b0b5-151ef889c06a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.8199194113284369
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4ae4030323ae233382f7227369996929cf1ab6c3c8c5945e9c60adf3eb2a9a61

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2235001033a27ddb6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236bdb634a669232%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22388c707e407a033%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240576dde15752c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241959a2226a14fb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224341bb93929c8ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245a95508185410f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2246fe406b67a309d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236bdb634a669232%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224341bb93929c8ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e996bcadfd56d44d7d1e7875f53b0fa39e71db4aaffce98c4d896fc756c60fd1

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVmUNbW8o9M6ml8LZHWSpQp6tHRIJvJoaizhP78d2HvijJtN18Q2k4iFsYiV99oVsWdC0GfaXmfXdGn%2F3d5VYVCn9uYGWJjBFNylGbvfYLY%2BU0jPraFRqxLe34Ey8S677FvweUze"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73e24d5bee4b5ab0-MEL
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2235001033a27ddb6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224341bb93929c8ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2246fe406b67a309d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e996bcadfd56d44d7d1e7875f53b0fa39e71db4aaffce98c4d896fc756c60fd1

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRXchYrDQoTPia8a%2FGumd%2F4PN4TAevdgydhZB0PqvJHmVoH7iUsON1dhKmYpspPipWJHVYtqh0ybfo60eOecUdz2fuGsJyscKYkFHjb20S%2BPZmd6tnNZVuRtU%2Bd9WraJFYO%2FoMyf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73e24d5bee4d5ab0-MEL
expires
0
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
045d9f2d3c3ca2e3f613ad48cb3da62b4f29351f181acb9c1a381007556d2268
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:05 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8dbd3aa3-b3d3-49bc-b288-8bb6f35711ef
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		32 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
via
1.1 google
server
nginx
content-type
application/octet-stream
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
clear
content-length
32
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=83165377502
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36c761d5-115a-4b80-9f24-e4bfd870adc2%2Ccc53a590-46ed-4957-bc7d-f321bee23da8%2Cd155b7f2-e696-44bf-97b4-c89db0d229b6&nocache=1661073724567&pubcid=37bf3bdf-65a0-4368-8a8d-c5f45f861f5c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c036bfd3c10e02cffe3cbb368cb6b454d95aee03f82c72defb3fe85281afd5de

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7cb1616c-19b4-42c6-8277-f676cc14acf5&nocache=1661073724568&pubcid=37bf3bdf-65a0-4368-8a8d-c5f45f861f5c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:04 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=44c5d688-fe18-44a9-911e-ac00e27d87fa&nocache=1661073724568&pubcid=37bf3bdf-65a0-4368-8a8d-c5f45f861f5c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:04 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1bbdc3d8-229b-469f-9bac-5e5e2eb3f7f2&nocache=1661073724568&pubcid=37bf3bdf-65a0-4368-8a8d-c5f45f861f5c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:04 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:06 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 28 Aug 2022 09:22:05 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 1AC9 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1AC9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1AC9 		498 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4372845257663323&correlator=3681516033822232&eid=44752585&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661073724757&lmt=1644386353&dlt=1661073723264&idt=1467&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=v3244tmqz1el&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1412956877.1661073725&ga_sid=1661073725&ga_hid=1646271569&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
f226f385bac548ae23f0e6e851126bfa62a823c582293a26acec5c57d62a9363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE4A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:05 GMT
expires
Mon, 21 Aug 2023 09:22:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081601.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133485
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Aug 2023 04:15:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 21 Aug 2022 09:22:05 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 8DE0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8DE0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8DE0 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4413652817455341&correlator=542215193414148&eid=31068458%2C31068927%2C31060890&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661073724928&lmt=1644386353&dlt=1661073723274&idt=1644&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=k6559eyd99gd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1863211679.1661073725&ga_sid=1661073725&ga_hid=606380796&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
317b79a5d03cd485290b06141265e845858b4ac2500f048caaedef9df06ceeb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 074C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:05 GMT
expires
Mon, 21 Aug 2023 09:22:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-108.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:04:44 GMT
via
1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
age
1042
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
iu4bD3sqb48DLg7N0ESpdpkOzJvqLVFqPwX9vJrTSlj3IOy5ePTDIw==
adview
googleads.g.doubleclick.net/pagead/ Frame A945 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgEyYPPkBY7XLNM2DoQOEuZfoBpiZlI1cnZy51YoKwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAcX_nrkDyAEJqAMBqgScAk_QsmSH7QShQdKwywzT5cOzGCDFNnzBi9cgQqTwEe85ZshHUjAg5nsa8FpAgmn4fIey2J9BNzhK-rhK3j7WtMl4lyWNtkFo9ShrWL2NAIxGsWzym3hc7owFzahwulU3EywIdppEOVwhMyNsmKnmIew6DCnndm0ARkyKLh6i_2x4ky7MKertGbwvDrmfdPnTnEbg-4cveT9py9rE5UehQy5XgbwKuyLjR8XstpX6xcwuY8wHRlwvJhf9Ki0GlBiSKOsr5T0grw8XJ5XSvki5MkRpdvl0MHXrJdteOhTYibuhlVrXGqcFagDnAg-A97pscfpV1RUZkmMjSrPhmysk3sOeSTrXBpgVaByVNRc8YqYxJgMv1Rswx_yQEDTygAawr6iPo5LOtdoBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=56q5mPcRWHI&uach_m=[UACH]&cid=CAQSGwCsnQUxuhbdvsRQ5gIs-HhFeHLADlOmUG17dRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 21 Aug 2022 09:22:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 21 Aug 2022 09:22:05 GMT
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/b8baad8d-2132-11ed-af84-7228cbef15bb/YwH5PAANJbUKaEHNAAXchIiWEQDHHsxDvr0Znw/NMTMBRTLPUK4EF5VCVRWDMKCIRJXIXHSQOS3HR7E2Z3J4GPETDVZPNYSAEMDHVGOOD7T5C... Frame A945 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/b8baad8d-2132-11ed-af84-7228cbef15bb/YwH5PAANJbUKaEHNAAXchIiWEQDHHsxDvr0Znw/NMTMBRTLPUK4EF5VCVRWDMKCIRJXIXHSQOS3HR7E2Z3J4GPETDVZPNYSAEMDHVGOOD7T5CTCFA2VYGXM3QHGCGK2NZ3JJB3ZT6MPXQO27WYJO4ZW2MXEPRKSVUDIDGKAMKKJWH53LEQY6XSSAWU3TFO7RCN7YLLJQZ6Z7KAQO5B67UKTOEPVI5ZKP6FBPJLQUOLVYMRLKWPR6C5Y7NXPJP2SA7PU5227ZXVEGVIVJBR2DMBEZGGNZRKZIJXRBIQQOBHAGBPGLNOPCJ4SRQ5GFRZEM523457667NLRTNJVAALL5HH2IKWTG7QM5LMDBZ2GBUN2XRVZ5LXAQYQASCRREKCBKTM6ZMNLYCXGRN3GYPCG5M6GIFMFHHSMGFA75DHJO3CTYUW7FXWYX6N65ZZQZ7774PS7HOHXNEPFPTTGBP6XBQ3OZTDL4CY3FRF7RKSQS4F22PHKQMUDGW2NGYVOHPNN4TJW7TVYXE6J7N73PMZAGWU2I3Q/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 21 Aug 2022 09:22:05 GMT
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1AC9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
3c78e1f3c026d67b2e87f49275494c86bdb90b8418069434879f786dc5008965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10999
x-xss-protection
0
widget-336x280.js
widgets.zemanta.com/1659339319/ Frame A945 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.zemanta.com/1659339319/widget-336x280.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56e0b7751b461497ec69a113a3ab603d53085f7fc4a24aa8058fdc9b4fa3fc62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sSh1l422NmH3Q2qcUPPobXpyl55vzsLG
content-encoding
gzip
etag
"373e07ecbad1640931bef6ba655ad240"
age
1517
x-cache
HIT
content-length
4550
x-amz-id-2
Zc9rPohT1NdlHAiSMyNCH5HfMzd+eJYDVW+OTHMS6nrq5eWz2W5olVLCEvlRM86oKEPiu34vuTk=
x-served-by
cache-bne12522-BNE
last-modified
Mon, 01 Aug 2022 07:41:06 GMT
server
AmazonS3
x-timer
S1661073726.586328,VS0,VE0
date
Sun, 21 Aug 2022 09:22:05 GMT
vary
Accept-Encoding
x-amz-request-id
BWW0FVZXRGH76ECE
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
90
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame A945 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2114
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:46:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A945 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame A945 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:53:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8DE0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
22bda836176f4588d117df13e6917425045837d29fefe7eb2acc6d727f586afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10998
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI2NzY4MTBfMTY2MTA3MzcyNTU5NyIsInVzZXJJZCI6IjEwOTcyMV8xNjYxMDczNzI1NTk3Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNzg3NTQzXzE2NjEwNzM3MjU1OTciLCJwYWdlUGF0aCI6IiUyRmElMkZ0ZS1zaS1sYS1jaHVhbmctYmFuLXJlbi1tYS1zaS1rZS16YWkteGlhbi1odWEtdGktZmEtd2VuLWNoZW5nLXlpLXNoYW4tY2h1LXR1aS10ZS16aGFuZy1oYW8uaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZ0ZS1zaS1sYS1jaHVhbmctYmFuLXJlbi1tYS1zaS1rZS16YWkteGlhbi1odWEtdGktZmEtd2VuLWNoZW5nLXlpLXNoYW4tY2h1LXR1aS10ZS16aGFuZy1oYW8uaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjYxMDczNzI1NTk3fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvdGUtc2ktbGEtY2h1YW5nLWJhbi1yZW4tbWEtc2kta2UtemFpLXhpYW4taHVhLXRpLWZhLXdlbi1jaGVuZy15aS1zaGFuLWNodS10dWktdGUtemhhbmctaGFvLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvdGUtc2ktbGEtY2h1YW5nLWJhbi1yZW4tbWEtc2kta2UtemFpLXhpYW4taHVhLXRpLWZhLXdlbi1jaGVuZy15aS1zaGFuLWNodS10dWktdGUtemhhbmctaGFvLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 21 Aug 2022 09:22:05 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=6, origin; dur=220
content-type
text/html
content-length
555
expires
Sun, 21 Aug 2022 10:22:05 GMT
/
b1t-sindc1.zemanta.com/t/imp/impression/GJCXPK5KFKCL74KGQKFLHNS7W5VMEMC7K4V3TDD3WQVS5Z4GAYJUUV7MEVRCTSCS2AMG25SUJURNV6WOQ5TCDM43OUB7JAK5V4VDFKNXMC25EILB4INA5Z3R6EAZMRPMR7SQBTCPV6JXCBAIX56NNXVTSZ6HO... Frame A945 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/GJCXPK5KFKCL74KGQKFLHNS7W5VMEMC7K4V3TDD3WQVS5Z4GAYJUUV7MEVRCTSCS2AMG25SUJURNV6WOQ5TCDM43OUB7JAK5V4VDFKNXMC25EILB4INA5Z3R6EAZMRPMR7SQBTCPV6JXCBAIX56NNXVTSZ6HOVWAHYFITV2JKNEDKHOZPCRSHISYKN4MDYPWS73M7T4L5YBHAMVA6ICPBNDUDP3FP3THVZAARMPGN4OV24RDDVSLIEC3IMMHBXKUNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZKX3CD7GKYOIM4UFA2R5WBLH4ANWRJXJJD7AOLNZ7IXOATJ4OR2HPJIDZPGUSKOHEI/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:06 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame A945 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 20 Sep 2022 09:22:06 GMT
3425d962adc6b1b195350064370ea84ee4.jpg
zem.outbrainimg.com/p/srv/sha/a2/17/17/ Frame A945 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/a2/17/17/3425d962adc6b1b195350064370ea84ee4.jpg?w=334&h=160&fit=crop&crop=faces&fm=jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073723802&bpp=14&bdt=1433&idt=604&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8032053264629&frm=23&ife=1&pv=2&ga_vid=1553592606.1661073724&ga_sid=1661073724&ga_hid=2029606577&ga_fc=0&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2117&biw=1600&bih=1200&isw=336&ish=280&ifk=3206092218&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068880%2C31069049%2C31064019&oid=2&pvsid=2106348698838500&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gbia2g1c5isy&btvi=1&fsb=1&dtd=623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
92e18194d466af008a538a06faab82d620ecb7ffa5a2986cc53fd8aaee8e7119
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
358731
x-cache
HIT, MISS, MISS
x-imgix-id
b873ff75f5c5f3ecfcf3de2042a99a2faf8e96ac
content-length
13238
x-served-by
cache-sjc10076-SJC, cache-qpg1278-QPG, cache-qpg1247-QPG
last-modified
Wed, 17 Aug 2022 05:43:15 GMT
server
imgix
x-timer
S1661073726.172851,VS0,VE189
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
x-cache-hits
0
pixel;r=1819368486;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1819368486;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-176178162-1661073725705;pbc=37bf3bdf-65a0-4368-8a8d-c5f45f861f5c;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661073725705;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1AC9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8DE0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 869F 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
7b42b1c573fd6efc899a7c99ccb0c1f487892ed24687f22d60f93b52e8583227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40300
x-xss-protection
0
server
cafe
etag
3272412517304561690
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:22:06 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5bff20a5b35dde45e781a21efd388606d61ab121062ea006a17bdec608be850c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72445
x-xss-protection
0
expires
Sun, 21 Aug 2022 09:22:06 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS90ZS1zaS1sYS1jaHVhbmctYmFuLXJlbi1tYS1zaS1rZS16YWkteGlhbi1odWEtdGktZmEtd2VuLWNoZW5nLXlpLXNoYW4tY2h1LXR1aS10ZS16aGFuZy1oYW8uaHRtbCIsInRpbWUiOjE2NjEwNzM3MjU5OTd9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
server
nginx/1.14.0 (Ubuntu)
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame 869F 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f068ab743ca4ceb7679ed7cea8cb0de01b9e12040876589028c29b35062bee47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
15725865081568614885
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:22:06 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1393870145272595&correlator=1727163484731904&eid=31068457%2C31068985%2C31069030%2C31069046&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D83611e369a24aaf%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D8788d48243225b7%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D90023be74548c829-220ff182b8d50095%3AT%3D1661073724%3ART%3D1661073724%3AS%3DALNI_MYOj2Hx20QA6-8hcdim_q3dYVx3jQ&gpic=UID%3D000008d5c52495a3%3AT%3D1661073724%3ART%3D1661073724%3AS%3DALNI_MbsFIIzU854OQ649Yw15iZ9QhwnvQ&arp=1&abxe=1&dt=1661073726301&lmt=1661073726&dlt=1661073721481&idt=3598&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1267558297.1661073726&ga_sid=1661073726&ga_hid=8221&ga_fc=false&ga_cid=amp-idMEiQFbJ9Suui_f_axjxQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
c4c7dc5e73a3832bbce5e40db2be9bbccf4880d8234c4d58b904cf6ef89839a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23897
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7E08 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:06 GMT
expires
Mon, 21 Aug 2023 09:22:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 19D6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8E50 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
78064e1e2f596740c54673b4f62303f0596648c6308a02a94e8006ff724694bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lD7kCAGR1TpS_IQvYbvnhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-lD7kCAGR1TpS_IQvYbvnhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:06 GMT
expires
Sun, 21 Aug 2022 09:22:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78BA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8B07 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
81bbe82990797944af3bb75e9f2b19fea5e892d550c6407ac8ff6311b331959c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CwvYoCtLNoNHZXvEZfCYlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-CwvYoCtLNoNHZXvEZfCYlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:06 GMT
expires
Sun, 21 Aug 2022 09:22:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com.au/adsid/ Frame 869F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 869F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 278E 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
f4ada8a2dc4840022f93ca85a833c8e135a32aa392ec006612a6ce40db4bb278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
15970
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 19D6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 78BA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=8221&cid=1267558297.1661073726&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661073726&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&dt=%E7%89%B9%E6%96%AF%E6%8B%89%E5%89%B5%E8%BE%A6%E4%BA%BA%E9%A6%AC%E6%96%AF%E5%85%8B%E5%86%8D%E6%8E%80%E8%A9%B1%E9%A1%8C%E3%80%80%E7%99%BC%E6%96%87%E7%A8%B1%E5%B7%B2%E5%88%AA%E9%99%A4%E6%8E%A8%E7%89%B9%E5%B8%B3%E8%99%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 19D6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Sz3Umg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 78BA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w1z4uA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 3176 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CY6kqPvkBY5veHoWSssUP8NyX2Aes1_3wZLT2qJPiC8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoErgFP0CcjfdeEXGAiZSoPjzADARyTBCJ3C3Bi2aZ-3OlqCBjZVuaBS889chsi3NVZPhxUaLELepnp_NOuFplu5_9nX9Lkk5-o3b-QkTUuHGAYmXbZo5vOHyGOf2tBLnpUvCbY8fgUpBvilQaiyaQ9n-ywcdZKfuYZTmbgUyT0z5Kfubf63ljzyAzqFBBvzwIc7JF5r1ps0FcWofX6pLzbwNRx28ga3VMKE2Fuf84egQGABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=pokM3SQiefo&uach_m=[UACH]&cid=CAQSKQCsnQUx3SP9rBLi__KoyqPx2wAiwQ4afgWbfJRlikwgHrJpuaarlDe7GAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 21 Aug 2022 09:22:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 3176 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.9951692E-4&viewability=-1&device_id=4&cbdp=0.014&slotVisibility=2&dn=bg3.co&acid=72f6917fa1ad4dcc8726d469b58c78b6&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-7c75f56789-rzk2q.SG&ogbdp=0.02&prvReqId=37145514735832_2103959400_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1661073726575&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 21 Aug 2022 09:22:07 GMT
log
qsearch-a.akamaihd.net/ Frame 3176 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=0.0&adtyp=0&req_id=u4_xHlUMQYOeVMC95FypUw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=69.7987&exp=&fdbk_id=&second_bidder=*&search_res=41&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0136&ogcbdp=0.0200&dfpbd=0.0136&server=1&ogerpm_wd_bkt=0-1&model_version=202208210735_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=32&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-VIC&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1661073726575&cc=AU&strg=harmony&ss=&current_hour=8&time_stamp=2022-08-21+09%3A22%3A06&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=Melbourne&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=72f6917fa1ad4dcc8726d469b58c78b6&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=3&visibility=2&totalTime=3722519&dmm_m1=2022-08-21+09%3A22%3A06.577169484&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-rzk2q.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=1741815296&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-161.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:07 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 21 Aug 2022 09:22:07 GMT
nmedianet.js
contextual.media.net/ Frame 3176 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6717a0a1f8f403ffa64074e07cfa31ab2346dfecbba212cbc69b4481cf00a1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"342d730a9a231e5f31372a11fd0ad3fc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sun, 21 Aug 2022 09:22:07 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-34
expires
Sun, 21 Aug 2022 09:27:07 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 3176 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sun, 21 Aug 2022 09:22:07 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=70918
access-control-allow-credentials
true
content-length
62892
expires
Mon, 22 Aug 2022 05:04:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3176 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:46:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3176 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3176 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:53:45 GMT
l
www.google.com/ads/measurement/ Frame 3176 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxcf3yV9K60zfQqqF9IpBQAo2V58IiPcAMIuxZf80LU3TrMeP8CQtYFh7zvrNcQ4HXjbvlFgdepZaVfMPZJ9gGP9GCxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8E50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=4372845257663323&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=4413652817455341&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B610 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:07 GMT
expires
Mon, 21 Aug 2023 09:22:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D21B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:07 GMT
expires
Mon, 21 Aug 2023 09:22:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D23E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:07 GMT
expires
Mon, 21 Aug 2023 09:22:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame AD00 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNUHmGprNC-1aILpuIAfCW3evN6OWouda181_aFOo2hNa4kKXSrSuCD0Ir9ll2t4rYg5GT5WxF_mvVXBI20FXR2DZuIruQ
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B610 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0UaTm6PORdR_nTKB2wiT_7xE28tGnelbEf2y_TraBYWfAknHfgLmdIIPzo04j6ABWQz5iCE6ydsh0iZkWH98YCcFdbQ&cry=1&dbm_d=AKAmf-CPd5TNss5KGIVPrMaauhfxwPk7JazrnxdqECRgkeJwAmPhXVTPkxl69Qhdp-W3vmU1UVJ6ADWK1ZnQOqBGlkdnH2TbGAs_DD-BZY48c2stC7FXsb78YLXRe_7ZcrZIknsAeh3iV_zo0XtSxCKLsunQzoVx_Rda1dF7ki9KZC0bi5tcz1h6ge2UWRa8xSjprTmg0ZmWUwVTwz1E2ZpGRMsLpSpXGBNQPb65WRevfvaWoecp9awBrXaXle-QupDGu3RLaiDgmGXq1IxtPBCHv3SP9zb6zgnbb_0MLoVbo51YloAPjCc7oYDAlF4frKH6Xk5pKqz8g42Js0G--STa5T3y8Yhp-qUpuMj3rnwC65Iy25bP2olDWpi-ckuaNHLiekJau6m_AX6-dSmKmeo5IeByz3Q1Aetbks3U6kRzOg_2XG6zeAgPLIRZiNVharYt7TkoVJZN83a5xZ04rkXpq58dr-K-4fB1yHe84mYL87XTbfSDDFRTwGWjEnqE8AmHD2l5GCDDttpfdEGEo3KCD3bCzBx_bORNj16kJTjdjzN4qtNKYpqt1HxlM_Rp9S_fH5S2a7F5qBaeT05fpxNqYZki8zUG0NtNQJmWDEV6_zkHPd1j4tEZjI9jNdZ5PAdlkhGA7qPyXQ-eq2LolmTLwxJ4bXdMsS2ZZAd2j3FlL_Cf-b09d6p68bJF-MEY2NhKScSr82i8wG69CPYG_gk8zQMfFm1aAv0mIPTsLCjYaM0iPz1VJ6ib72u1TDZsrmWsaYgFqjQeJioRamRqihwc99YlmX1acWUIHfidcRKZrNT2Fe9JyFD8AVM6AjW4Nqwai_JX_dGrb_xaFMUfn5GcZ4eq7N7VHyvb0IQJKZ-IKtAC_7CrLbtmnV2FoTYcV0UC6_ykwRiq-Yv0J0P_49Vb0i9E-k99PEHF7e0clmtxCSSo7RUAuh-MxAerbc25t6o2_HFyVUFM_oeLGZcebMK79c1LlPraBLldHl3OHaQxCVd5eFXDX4pU-2KHWHaZ0NvJdCP2tNZjD74IYJtN0S18C4fmVigoiYE5fWX-nwv7tkRZvmyvlkX43eF7Cb1YEGcqICmIRWPAz2ItHX5John0_L8zlTUE6GNMl4-PTVdArt4B6sIDQtXQ4VvhAz_1M31S9SWj2OsNBRl92iJf5-U-fDUpPXU6GlSYAEPguP61zR-h1hRz3CnJKgedt5qLcCnt6mVIydP8EVGD4RmbsgXkxoLBwYPT12RKpaS68j-LJUl7GNFkNm6pI6PdBXgp2Fvr5OTp4SYQ6HT_mevzjiAj3y0q4mzmSAoWAFNJpubckJckm_tjM1G-LfxbDsj9Usck_tQdT-bKwVjLtTRRwibEOQhWDMCIb3yBWwm6r2EPySmXrz3mYUzrf1aWhvw5d3IHBcGyOTqSS54KJS4RnxKjoc_T-UIrbISQMneNKHqy-OWOTlrBO2LgGh3acSYdz6rAykDpBoqIMvAseSEIIRvRCcYP7VEwAgd5VMokEFqoDqwQFoE_ReGcnG31-9NEsTqh5kTvnBXPcLLibCb_stVn68z1NZl_Q3wSM_IWcEjS5406SEOP_PhihbTwvD-cela2g5ElKHnwySWXfmrnlrjA2y8wQrRKVyIIWeUiLCleKrh3cDP4MCDR2izVKgLp2Yi9SRguPDIiyLJVFzfix6znPshoFEv5s6PDvkxS-D6FGScXZtxN_DIkMY0-11B-l4qxtjR2M3QcAptsvg0QwYRs0S24Uq21zX-_nz4CM5v5fyi581KEGER9KVFVMf2ea1GShYp1YWtlPy6v6ft9VQgid1YR5QOZX-UZzSP6_ThqUzNaoGIleuCImQSbIsEShgpXy1waKqKKDO8ddn4P9IFh9tRLXNcumoQhaSAHpd_Vp8h38HpTpC0BIGZYOCZS86e7UZYxtgYc_dN6FG_jOyq6dny4XT8LfxK-QKtxy_s8GHHnBLBlzlqLVyPFFn45coxttgIdGTUR5u2JDGzDuJP7WrhmV9xUgGBXEK0YPrbJzFiYjflHntUEzUfcRUCtAFj0brlz48glor13Kark4ZXbSutLhKLZ24U2jSzXLFhMrm8eXlNmrP7xeEL-dj7y1fFOrVcxJsKu3RVnFH1shN3GqXMmsHrtHsdfTCN4kVLSEOvW-qqrmLQcDcYnuVCrz5tYDLNGx6qDiWYmICmt9eUwhDhgKMUvZWwSzkTf6CLtYXumnbwmkyxs8GmLjYIeYxci9LLDx3sEGGTRGQlhjw2Dgnv56qxubUAJ_VNqZ_qy3A9T3l8kpz2E5GOVUsxUtFLwGlI7he069UZqut2XWQrlcslMdkkhYuL0NKoze15yJn6ZLcyKTeO6Km2id8sNMpB6c2OIrkiDlxYsxD68ECjDMAnFVMx-l9Vgix0qbUAO3ZSIEd2gxnQmiz1997lQLAKkEANAJCGxeWFhJj21G9X6mtMxHCoF_kpdraVRnvEUAV2NfxKnJcvb5_BsFTgAMCCrBZCZEO8J53SHXyjkw3Zn8ntefYCwtmGiupKlnUisMRQ5LNCcX6IZ1iaFIZg36uh_RUuW4HNAo8jIC66qpqi80-7UGpXzX8KV2ararAkJ5rijdpyAxJ3_DzqVuQZTqS8r11V1qlzm4ThbWo_TmCUWstXN_r0PEnzMg3xq8M-0uTvto_FvPKEGvTQbtiKb70eshcaYj5J-yf8lT3IhPAha0xkZHAmKMTIoSga1ZgJGlmnTQI1t8l50jv37SjbwEA9RYxpGM_9_96f8vHn9j3pPQ1zUA_f_HBrtCgu5qELbbN_U2MOO6NrxQf5dlCcoWMe1s-4wl3ytAs2YdxkArBMZVtxS9DccNSayKViqqmHomo5JQrXOaPxOy6itCUI3j8c3dnAOqxtDhSgm5jpDI_tAnQE6qpCwKeIDFJSsXmaDP3d_OXEITtMJu7gGY4QHh8rO29mLpFva00Jj5ZAAGR6d3NIJqwdh-AWdCmpB6Ae6rGwC6s0vydZwe8U0zCBAIjGzrFQ_vnKqwlci_2kHtEtHonaWRobIc4N4yiyJD7HPj9z9IRIpkFRctOT8z3RoHNpEzWhRmMRfwwRGmLI8d8kFwB_8SVoR25ePqD-FRTCQj4ZYS2TFCoAnOjTZILgZmoKzUotKOj_0SDxwvdm1ZZ-gs_IaXrmYhPE0YRi-5FXYKRF7XEjhGHOMryTVUt57MlqbKIQCMN2NDWqxyecrFMMq_MldWv4VfUiU68hZXxDeDrRJ19_kIWBLpu3TOP_NJNuljU7s_yfm&cid=CAASJeRoXfjUalFUkBFwQeQ9kAyeQJhn1Gtb1QuWr1ozvdQ9aDGNEZ4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
effc34da09dad7e8945dcbf18d7de3aea9dc30088a6484a204798e680663522d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34458
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B610 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDSs1oxxS4S8Rw802-RLYq30OXyLsv64xpoBAxmfD8gn2Pzi1HyYXxWE7Yv_bh9hpA1Gk-SzjHrdykqS-1abxcTWEGjlxocuvDRDFKQM88zo4aJ54
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B610 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:46:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B610 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B610 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:53:45 GMT
l
www.google.com/ads/measurement/ Frame B610 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3jPdxM5nuAEnBjNLxdv0I0FAPABUPWbuNGW0ccFKzSdw6Tx-hNXmjTkt8PY_3VUo-ez-CE8vunTOP3chixnlBK6xcKw
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame AC62 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXWX-4JSbRko0bVicJxTU1_CzepeJQVUUUXyNZWQm-QIwFMugj48b2x1P3cToE7N4cxqsMl3xcIfwxQsg9X31hDJl0ohg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D21B 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVZWC2HKE7IfKPYlLXfE2iFf_NqjK2RkxILYq1XCd3EFtfPL57XApKCfkTl4sulApK0JI3m_e9fJeL9uCinBpbO4yBTw&cry=1&dbm_d=AKAmf-CL7H96k4MF7tx4nUWJ33tLVZz_EjYl4ipzSMFupp4ShmN3Crp2FMvCDU6FLYDLklkrsbA0UlKv3okzTBYo8YS4dfPZkq9bjXbx8l-fQwyd0qlFrYtJojMnorEdi1h8bX6exU1AW5S-zraCKK3jLyCeQJ7X9NOihdx1Mn2th8OU5D_oYwMpwkJrvv6vcxhNxlDmtTndEcMjlArdbhH3J-46ugM5Og-0RzQpLm08W4D07vUt1g-cE79Teuh0r6um4JWZoapbjNTpZmkNY5xJdmCDlAxIQnKfIpcXRJ65pKxsyrg68wh5p_Q1SjQFS-7Yt5Ez94552_hyn9fHlpcUMccmwy__mH7NSYEUyXX0JhOD-l35dYVxMavyUes0VCBfTgCvOl3X5a7yBHCk62E1DCwtaAl2UCkfIr3C_8DPqzWWNhdf2Q3mFpjcCS3rWdghD4WUWNN9I7YSdnu1gf4IolaoNWqeZo446mkHvETNJdvPf4D47liGdXwFJEH-fxybAf1PhQQ8BQnswvst6lf8Myp5kQ9gOJicLZKU54dfaZmyx4PtPkvKMWzt-5u1DouVikO6ND306YAYsYg12DaKV7M-QDNBn4-V4virFXYEeGtpbyTGY5zl5D3VNkO5RUK6fTHsoKdN953kgDF3R0QiXNnckX8l1UxC3N0bN7lkbf1IaysMnkySNAeMA17rfLc23nvLVNhcrJ4mQ6M1zNyqolc_vHTyfkNWz_immWTHotpdi6MDoBRVbBh3snGLqPhDi_BVuzm-Tp7quXsKwqwYhrhRqsIx1T-28OiPEbqdFPapPXm-YdWAKsRgJirrXCA7W2x--F2wjGdGE3-6JucPmfdWmg-nx7wDU0uy86xMpR0_clLwzc9g5_7Z7db8K5bPLXanIvlMlX4xtbZ-9N0WRDRSDWReKlLouc2EP8YUYiixHcx9bJTTp5xkHnRU95gEpleRauVNUKTNAfWJ8UCdJLFmkm6rgknc7X8tnFDtda6RzMt-Id6WH03z5OMGad-dDY-ICkdLmkMJOEqetRpSxkHsMgUdTyCfDDxeMJJelZTxbCu6HMoLdDoLEiKHCr4UwVrxXXYEpi9f16z_aqBwQIFlVZtDG7fYFLWNKfBVcm8PHrShwxDjjDodPv8KuVYiV52kqI2gDu2VoaOZm3BVBN9FiUczbSwTLIPBuOn9bbAu1312QGrSYANVCErDsBhF8XE5ILs6b6Vzr4P-olgrxyuVIVwuLJOtOO5tb14c498shUA-Aby-HDLBRRB8RBi6gE4DI_GnBrbY_FYvhTFONhaGVPxPoayST6xedNWEllceI1CpFUoe_QjW4NxR4aVLQ10LTQNz0iTNAC8sLjpkkevwO4sFM8bw_nY44RVMQM8HgoHtTfTN000YG1BXkBSFoS8yLkf0_Fz3xPMAI98C6ezkvx8E_gLsyBynHx1zDBIBQxZ9Kl9ZF_dDUdCqq9nNTyUMD2i15JduC0NfGwpoYvePqiP2O7tdBPgq-yCocDwWKpeLXrAkfq58pmTElsAhR1uiK2WjcVKt_1Eh6LrbFr4aff5QicdyxvKwrVrhIYpXR84DJmMYmPGZwMr1Ft14116JhNa_MnDZYT6h0dS-KtGr8UGt2AYez4Nl99L_WfEcFOup2kEyc0w5KsEuNkjK8lF9Scp1d3IY2gl0pHIXHjgiDhm4iOFGcBxMdijuUspsAXYIiCtegKTY1PRsaUKYRn2i_DqTwO-PwO2DBO8Tus450hlprTo3-zMYVgBOEkXPuRgfUnuNCttEWfFs10-0rKWNDJif7Cxi9HEaRovO5V68RjIBZ14TDPe0LF34XlzAP7IgUkv6BwNd2Bypzu6p_Y-NnYH8Pg_5ATD2tbWQ_Ext0acODsOvcvE8XTGiu7R7qxpb9hu9IXm2asYv4SC8xtL2XQMMSrVhuMSrws0L1KXKR9RrcVZ0AensIqcUyONJOpFdSLCigvDKU2kzI-Hhjlt42CRhFOQeOlolQ6C5ct4Drv1NwB9LZjPw5_sthUj1IOgfhDTFa-p-bp_EhkRAMG9B6clsOwSBYDBoM2sUWpiac5CQiVaHyGyy_eX9GCi1hUd9L27nPCBia5eN8viqQ17jYfkdfqx0BW1OADuI6hU4Hz1aK7UuYXCXuIOLKCCYSf5wqm8WsSAw2LzBtjOPIoe79m_rk4IYyTVeCHryS2s8lhcCW6VdKPMQ9kUuPSfMYkgGmr1Ad3vFJiTjVZykv-rnCHFjj25AyzhxkhecLp9hm354NQFMFOEytZR053CidTRTR-6c42iOChqEj8njU2UnJxKYZmOuCO9iLdJvEzIBaarmc4qIWHH0UZ4OAxfHnftVQXuvJ0IufHnDxFb4SOO8qOhRBWptcuZV4n3HgZUa2mWaM5GadkKpB2uueCjN1Ya-P-cZTKTKXzxOIA_HIolpSGvguUv3vyUVjrRt6XrS_oBzgh3Ge16lA-m3mEixGiqqaiHwhYnJk8z9iwoVq-YZIdVT-OC0JQ86HkqDoLk6PyiY1AaBNtE0VIAnwfvTjaWmXVv5tu-vjBw2kGkjeklp6rNRZ6ebTuCwhXxJuPRwlumSAUU4jI8iQWuaNVNvdm1PvZhxBJpNyQFX6am2Kdq1uM8GY7S7H-mdgRDo-wwto6D0-FdzycacwC9fZLme6W2Ei_OUmc1LAddheFs05gMgNhspVPbohsp6Mor2NA0HnfioByUcHRq4SYPkQmRatH4rtnH1odURWnek0N-2yazL3bv2KUfDi0upJ1Y97gPtYNvGHGEVse7G-d_elHWlr5ChnCNSfQjE_Sdx9flRLsy-NifUOrqMOR3hV_QSsFrwdNQL7kGsug-AhZ2OFXwl9lsXFquuli7Wz2v8qxNyJQ-dPoUqCZ5DfPr2_gJmVr_6knr9nkFr_bLyejzC7zR6mE0SCg7JYLBIY4uOt9f91GU3gdE3C5SyrGQbTuu7G18fgObDzPPtD6RyCTJQ7CibKP5jsPXSFvuTocGokljhZQHM5Wk64ropBC3wkQQifMX_c8LgSeZVmh1i-3pp8KLCEkUiI-ryJ7kUh5V80gKEe1ZTstTty9pTT4r7DzPJTvQIMyftjuo_1oVUiKDr2nAVh68k5dNTTTM0W2Tp0HhAqSbPS8PMYeVZMRVFcW3xxo6hRIY2vmnTHSLoxyjYimAyddFapY2lVA4VUfc_ZPQ03LqtlsJa4UgC7n0WOG9DL7G-uHGPRjPb11S5BTxjoxjVzCP7sH7HS2GlxQ-YV4gzJUDlJwGY&cid=CAASJeRoSENqqoXAY9-3MQ8f67n-fiXX33acBmCy67B8-YrIEwSXwFo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
83eb7cf112efa3bd3098d99307a8b8b7997af33a8e80f69bbf37da54530a4c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D21B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dxn7YBWDE7VfKuiG7lphX0u2cyJFE59rYnhR_tXAGvt9JNZaZsXROev_i2gzvgmUj_WwNWfIapvfLSCzx4e6xXQZBcw8ktlAVGBGhqRRap4Hn6eS8
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D21B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:46:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D21B 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D21B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:53:45 GMT
l
www.google.com/ads/measurement/ Frame D21B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1zKVAaL4JKKORh3N-ziTqSl7hO-6b_Jy0zf1MGyv2OwiOWEdADTcw1KkGu0eGPgcC7QYKB4tKSnzfsb_A7qGj_BohDQ
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcWwnPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEvgJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7clKkVGttpAj5GEpw7KAQwoE722qj2vxBNh7bFu8QsMWnoleEAUjWzgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=vsEwzy453Gk&uach_m=[UACH]&cid=CAQSPACsnQUx8DlJX3nvA9e0HQm6KwoWlw6cQASYw6ZcaYrSwk-1KXY0y-e1gv-nqof_7rzzA-5WtTQp2ROkcRgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.sg1.as.criteo.com/google/auction/ Frame D23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.sg1.as.criteo.com/google/auction/notify?profile=14&payload=kO7RDc7xBnjYBGL4LRICAAAA-ONZtFtuTcMQPvkBY52NQ32VG4WHEGC5ABIAAA&wp=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.141 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
server
Kestrel
server-processing-duration-in-ticks
207550
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 338C 		125 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
04dd30be55e6d70ef1aa0830c31518005a23db403197cec2c5e7f55db8fab637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=WXV1rejV9mAYiezAQiPK1zGGF5F5xuQEIxrt8DYCcna1mU0J7fXuBZlHT-sy5GV08VjRJ3mN7XsT9MFb4LDS4yEaJoqplwptXgAidEjQRi7gm8el-RVMr32fyMCGv_DPWjWT2Lfp9hHimooKfSizGDZ0_L_SkOmjt-v4NmbyRRJSavhGOl1Js4Sq2oYd5bcwrG4uSUnENFfEfok_kcb8dt3t3qwt7en8DcRb55O7PBJPtWNsmCAQlPIGfGZDjNAn3p8BvA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
49251594
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D23E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:46:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 850C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
55211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D23E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D23E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:53:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D23E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 21:42:56 GMT
rum
dsum-sec.casalemedia.com/ Frame AD00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1&C=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNUHmGprNC-1aILpuIAfCW3evN6OWouda181_aFOo2hNa4kKXSrSuCD0Ir9ll2t4rYg5GT5WxF_mvVXBI20FXR2DZuIruQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d6fbd825aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk5nWo7hOK6%2B6cQkgNzgr6XcmKTmQCEfszXkFiD5NrxpiOJp2vYcN%2F4Fmm%2BZrStpcu5CxMot0JU0cFTp6dZ%2FbpE3BAd41QLSeAbdcOEZYRBSOWJ2BllBhQZ58gLKsJKVpG4Ni7Q%2BhMrojw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW4k1Z%2FPEp%2Fxh2vqfCr3RgFfwLJecyZfR3lRVSDGQQvwQkvp%2BVpBGTaQ4VoKQ5zWtKvxCwfFwSyhCFjgqNG8WftmBJW1R57gGpDMXGRmQFfD%2B3udvhmIzrGW579V%2BJrahq29vYQvY8N2cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1&C=1
cache-control
no-cache
cf-ray
73e24d6d8dd35a8b-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame AD00
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwH5PzKTTT3-zI6sppD-cAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNUHmGprNC-1aILpuIAfCW3evN6OWouda181_aFOo2hNa4kKXSrSuCD0Ir9ll2t4rYg5GT5WxF_mvVXBI20FXR2DZuIruQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d730cf25aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWIRsvW7Q3ANZ9zJumVNx53Vbw5cvI4aoxd3yBEpSqBBqquLvz%2B6XOXQlzoD0ZOMyHjKHX6xoQrHPwluXN0m7alXLyY1VyVJIrC%2FwjLnmSb%2Fx9Ggevw1L%2FNTWsTlhYQU1OszaQS6Ot3c4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ_TUGTtQ8JV6PELJJJSxo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AD00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECsgNRZ7jSfovcQQqTC1HKc&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECsgNRZ7jSfovcQQqTC1HKc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNUHmGprNC-1aILpuIAfCW3evN6OWouda181_aFOo2hNa4kKXSrSuCD0Ir9ll2t4rYg5GT5WxF_mvVXBI20FXR2DZuIruQ
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:07 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
46b48217-c772-4ec2-8a03-9e3c54fb8e16
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECsgNRZ7jSfovcQQqTC1HKc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD00
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY4NTk4NjE3MjU4MTc1MjMwNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY4NTk4NjE3MjU4MTc1MjMwNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNUHmGprNC-1aILpuIAfCW3evN6OWouda181_aFOo2hNa4kKXSrSuCD0Ir9ll2t4rYg5GT5WxF_mvVXBI20FXR2DZuIruQ
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 21 Aug 2022 09:22:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8d65e723-67e2-4d5d-96fb-a8378f39bc72
Server
nginx/1.21.3
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY4NTk4NjE3MjU4MTc1MjMwNA%3D%3D
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AC62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXWX-4JSbRko0bVicJxTU1_CzepeJQVUUUXyNZWQm-QIwFMugj48b2x1P3cToE7N4cxqsMl3xcIfwxQsg9X31hDJl0ohg
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC62
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3Y2Q3NGMtMDU1MC0yMjNiLWM1YmItNTdhNWYxNDNlMmMx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3Y2Q3NGMtMDU1MC0yMjNiLWM1YmItNTdhNWYxNDNlMmMx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXWX-4JSbRko0bVicJxTU1_CzepeJQVUUUXyNZWQm-QIwFMugj48b2x1P3cToE7N4cxqsMl3xcIfwxQsg9X31hDJl0ohg
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Aug 2022 09:22:07 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3Y2Q3NGMtMDU1MC0yMjNiLWM1YmItNTdhNWYxNDNlMmMx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame AC62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJxxG8Gm8-wzNzOZHaKj618&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJxxG8Gm8-wzNzOZHaKj618&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXWX-4JSbRko0bVicJxTU1_CzepeJQVUUUXyNZWQm-QIwFMugj48b2x1P3cToE7N4cxqsMl3xcIfwxQsg9X31hDJl0ohg
Protocol
H2
Server
23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-160-138.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 21 Aug 2022 09:22:08 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEJxxG8Gm8-wzNzOZHaKj618&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC62
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTU0NzhiNjktYzU1Yy00MmNkLTgzYTEtZDMzOWUxZjIzNzZl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTU0NzhiNjktYzU1Yy00MmNkLTgzYTEtZDMzOWUxZjIzNzZl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXWX-4JSbRko0bVicJxTU1_CzepeJQVUUUXyNZWQm-QIwFMugj48b2x1P3cToE7N4cxqsMl3xcIfwxQsg9X31hDJl0ohg
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTU0NzhiNjktYzU1Yy00MmNkLTgzYTEtZDMzOWUxZjIzNzZl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 21 Aug 2022 09:22:08 GMT
pixel
cm.g.doubleclick.net/ Frame 850C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEARQya_16WVDZYtCQS5PSVM&google_cver=1&google_push=AehlK4BYgCAYqRe2c-yeqfMD3NfVi5xr-HR-CDVdSaa3Fk_NZslMyeQ_9PTZAL9HC7zwLvZXim_Ky...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4BYgCAYqRe2c-yeqfMD3NfVi5xr-HR-CDVdSaa3Fk_NZslMyeQ_9PTZAL9HC7zwLvZXim_Ky5oVBcvCr0qtFngBUXvyDFnvEIl3SWm9GAdWUb6xAzhCBkmdXucjt4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4BYgCAYqRe2c-yeqfMD3NfVi5xr-HR-CDVdSaa3Fk_NZslMyeQ_9PTZAL9HC7zwLvZXim_Ky5oVBcvCr0qtFngBUXvyDFnvEIl3SWm9GAdWUb6xAzhCBkmdXucjt4ChX0_BqEzi9if3SzdH0k9wCw
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Aug 2022 09:22:07 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 64B8990EF5864E67AE5DE94743100F0A Ref B: MEL01EDGE1517 Ref C: 2022-08-21T09:22:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4BYgCAYqRe2c-yeqfMD3NfVi5xr-HR-CDVdSaa3Fk_NZslMyeQ_9PTZAL9HC7zwLvZXim_Ky5oVBcvCr0qtFngBUXvyDFnvEIl3SWm9GAdWUb6xAzhCBkmdXucjt4ChX0_BqEzi9if3SzdH0k9wCw
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmvN180psVVPhKwuqZRw==
pixel
cm.g.doubleclick.net/ Frame 850C
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTU5MWE1MjctZWE4MS00Mzg4LThiMzgtMmRlYzBlM2Y2ZDZh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4Bt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTU5MWE1MjctZWE4MS00Mzg4LThiMzgtMmRlYzBlM2Y2ZDZh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4Btq7njdA1Wct3t1gpW3aouYuNOxlnoc9qPQCAvsB3V6nTCV53cpyUMmiwTzuS8wtYEKlXLxsiipZryZBj3ihPgYiMdG-N4KOYBqSDMYha-xYACfCbKTaKNdMDutcH4cswFTNMkAcDafA9APnHdpS0
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTU5MWE1MjctZWE4MS00Mzg4LThiMzgtMmRlYzBlM2Y2ZDZh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4Btq7njdA1Wct3t1gpW3aouYuNOxlnoc9qPQCAvsB3V6nTCV53cpyUMmiwTzuS8wtYEKlXLxsiipZryZBj3ihPgYiMdG-N4KOYBqSDMYha-xYACfCbKTaKNdMDutcH4cswFTNMkAcDafA9APnHdpS0
date
Sun, 21 Aug 2022 09:22:08 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 850C
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDal4BfW8te-ZMYKrnUWYPo&google_cver=1&google_push=AehlK4BG7lvlLuNguYjmEeX6dT-Zb4Je9KyrpuCgzGVb6ylSfxUfDUFXYg9W7BMVloXhSQtydAZVnztGn7L9SyhIKvvZaz2bpQ3NjM9ex...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BG7lvlLuNguYjmEeX6dT-Zb4Je9KyrpuCgzGVb6ylSfxUfDUFXYg9W7BMVloXhSQtydAZVnztGn7L9SyhIKvvZaz2bpQ3NjM9exO6_HD7V8W-t8qgNX7UH2GhCoAKNAL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BG7lvlLuNguYjmEeX6dT-Zb4Je9KyrpuCgzGVb6ylSfxUfDUFXYg9W7BMVloXhSQtydAZVnztGn7L9SyhIKvvZaz2bpQ3NjM9exO6_HD7V8W-t8qgNX7UH2GhCoAKNALSalrO_Be7RTXx_-qO4fA&google_hm=NTA1OU04MDBXQkRBWTAwODBHOHI
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BG7lvlLuNguYjmEeX6dT-Zb4Je9KyrpuCgzGVb6ylSfxUfDUFXYg9W7BMVloXhSQtydAZVnztGn7L9SyhIKvvZaz2bpQ3NjM9exO6_HD7V8W-t8qgNX7UH2GhCoAKNALSalrO_Be7RTXx_-qO4fA&google_hm=NTA1OU04MDBXQkRBWTAwODBHOHI
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
dot.gif
s0.2mdn.net/ Frame 850C 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESELIUyK5-tNVgeIxnYWNQiqc&google_cver=1&google_push=AehlK4Ar9OY_xsHGKCxZPp7tyGJQQRYHLBWCITi8u1qVvnYdfs8mY9oRuanQtSU2ZjfOCB6vGjz-UfLLjnbXG6tuRApez-MHrHeBfuuOm8tKxKOsvaiOrWTbS0S7bdqWdLaXfBuN6P93TAt6hYYKEB4b938
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Aug 2022 09:22:07 GMT
pixel
cm.g.doubleclick.net/ Frame 850C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAz3tAN06qUK1Ib_gDtnEJQ&google_cver=1&google_push=AehlK4AFp-iCpQzTOmUeNWdo7ImTPoeqDYCcWlK3DSXJyeHeFnjGfqZQBHERbco5ktpWepV7g8iSMBcZo9fEm4k...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Y1raay6HRExpCvZ3mSNRG2fR_gU&google_push=AehlK4AFp-iCpQzTOmUeNWdo7ImTPoeqDYCcWlK3DSXJyeHeFnjGfqZQBHERbco5ktpWepV7g8iSMBcZo9fEm4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Y1raay6HRExpCvZ3mSNRG2fR_gU&google_push=AehlK4AFp-iCpQzTOmUeNWdo7ImTPoeqDYCcWlK3DSXJyeHeFnjGfqZQBHERbco5ktpWepV7g8iSMBcZo9fEm4kjb3U1nUKgpz5cbMEM9_YY7ECwEXBfK32a2wuOBfK4wCi2hgPm3UHMIafPXvxfeRhWeFE
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Y1raay6HRExpCvZ3mSNRG2fR_gU&google_push=AehlK4AFp-iCpQzTOmUeNWdo7ImTPoeqDYCcWlK3DSXJyeHeFnjGfqZQBHERbco5ktpWepV7g8iSMBcZo9fEm4kjb3U1nUKgpz5cbMEM9_YY7ECwEXBfK32a2wuOBfK4wCi2hgPm3UHMIafPXvxfeRhWeFE
Date
Sun, 21 Aug 2022 09:22:08 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 850C
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEMBEthfDFsiGpw_sJ5igdHQ&google_cver=1&google_push=AehlK4DvDcSU4soV90hg_8fpodIyRJjdNa-S10wgRxzfahGf-JldvrrXUvj0b78FdhjGyoHY4PrZ7onjkkKhLRx-_...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DvDcSU4soV90hg_8fpodIyRJjdNa-S10wgRxzfahGf-JldvrrXUvj0b78FdhjGyoHY4PrZ7onjkkKhLRx-__zMXWfaALffclb7Fqc6MyeQGt-RswG9S4De1P145RB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DvDcSU4soV90hg_8fpodIyRJjdNa-S10wgRxzfahGf-JldvrrXUvj0b78FdhjGyoHY4PrZ7onjkkKhLRx-__zMXWfaALffclb7Fqc6MyeQGt-RswG9S4De1P145RBtJng1K9rXDG-4H3UPUw3rxRQ&google_hm=AfC7zHv3gEZToSFvAfo8HW0
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DvDcSU4soV90hg_8fpodIyRJjdNa-S10wgRxzfahGf-JldvrrXUvj0b78FdhjGyoHY4PrZ7onjkkKhLRx-__zMXWfaALffclb7Fqc6MyeQGt-RswG9S4De1P145RBtJng1K9rXDG-4H3UPUw3rxRQ&google_hm=AfC7zHv3gEZToSFvAfo8HW0
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
Apache
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 850C
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHQin8Gdp9CF7ScVRcX64Q0&google_cver=1&google_push=AehlK4AcpzNns4mOwnJIZhZ6fDrwQ3w6uHqiiD8ZLHkU-xolQEEllD7Zugh46dIiDs2optXXTvYthvegdgC95O02C...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDNlNWYzNjctMDE2ZS00NWNmLTllODctY2IzZWE2NjBlNzU3&google_push=AehlK4AcpzNns4mOwnJIZhZ6fDrwQ3w6uHqiiD8ZLHkU-xolQEEllD7Zugh46dIi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDNlNWYzNjctMDE2ZS00NWNmLTllODctY2IzZWE2NjBlNzU3&google_push=AehlK4AcpzNns4mOwnJIZhZ6fDrwQ3w6uHqiiD8ZLHkU-xolQEEllD7Zugh46dIiDs2optXXTvYthvegdgC95O02CyhXmkvsMREYYkUoCbsSSu7fb5XKa7QwnKwdsx06Hm3F8iu_Joo27q1KFu5eJvhGvM0D
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDNlNWYzNjctMDE2ZS00NWNmLTllODctY2IzZWE2NjBlNzU3&google_push=AehlK4AcpzNns4mOwnJIZhZ6fDrwQ3w6uHqiiD8ZLHkU-xolQEEllD7Zugh46dIiDs2optXXTvYthvegdgC95O02CyhXmkvsMREYYkUoCbsSSu7fb5XKa7QwnKwdsx06Hm3F8iu_Joo27q1KFu5eJvhGvM0D
date
Sun, 21 Aug 2022 09:22:07 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 850C 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxwAoZuB1_A4if93o-HwJj1R-9totzLqRvFQj5ckBBbsGVmgDqqHp_tIlf3h7Oege2O_spxA
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 1AC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=4372845257663323&bg=!5-Sl5KDNAAYUOm8VNDo7ACkAdvg8Wv1Fy8gE79ob3sbHrpRhhDaoXNe7F-vBL44Z7VD2xFsAvbncwwIAAAC2UgAAAAJoAQeZArLrOoTGv1qTf98WjJD6_o15XOpYTZzmpBuNtqxrDRqydbvLDAj1rxlclHUJh7toyLT1cjE_wTwei5B54kWK-VkPq-aJ1yGHuL4xSQ8VULnbdEKMv6IPUKS9kv53IghGBhBClX9eKW1fQash7txrDgahUe0L9lMPYBphnWJpWB-KpAYYX4f8LzkqVlDjCeTxF_3az32OPLI-s5mna0ZZMvpzJAb9vuOtsORJ6jW7-zWQjtdUYTA73UHiprGxj2n4ZrR_O4mbWU2KUsHSA_ziovNuHs1M3fLd2_zaxZdkI7voUpq68_78Z9fRUpUN9o523MqITqe_-4nZW1gU_5_N0z9LQgxR2CwOuunbx1S6H_JhNwQ7BeVmGrE8wK5bf3C8vuua1rHkh9wOKNB8WUpljQrxuDYdF57cKaVkjpZZ-brnG3R3nBMDCBXXv9EhGgvLOwv_v9Gb3akcesPgnxwIJ275VJ7uxpJzPe5DOeYxScGLTpfLsn0DuChbV3q7Hb0KIsNJsrbh3q8XG5bI5LCU2nh71Nrr_cZoOTC-oQG1hggn8YjvVNqeo6LVQ7IxLMsqRAYgj0n8ybk_qHLRHT-5QDm6hm5EsId0UsgWjF1O7zLAVRq-HFUzP_HPyLMJG4O1ymsLlp0tPOy2BweFcFmZ9uCeUx6hJh27b8d-MQVPiVAf0DdXn1LpRKbq2lscI1e3CdyO38xhQUBs_bkT7fKkqcNIYIU6N3w8KXXTfzt9IDnzJCsn-Mb_FO6IGfmpRjWApRGLTizpze77u_aW8xMFTSPUS6gAFtT-RgxsSSmoN9neRFa3bcLCaMGOd3lTxrsSv23siHmTKV8xb5EvuzBgZrjXv8qHufUnu-_Br_Seaj2g9C49ujKiXQibO8HjX7kdRTaqzfjgZXvnn_M5FOUpMYx5Fjg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=4413652817455341&bg=!Pj2lPXnNAAYUOm8VNDo7ACkAdvg8WsjBY0hyqZDqfff5qwOIDP8QVaWGVw8nHm5ahpGrZ9TSvwv-LgIAAACvUgAAAAJoAQcKALvkHXgR-hLZwQAIkjbH6vI3ZRiNw105oS8i1HPSN6ZpoCfRPqcG12blaXaUyQ6C3zmT7vkI1bV8v1RDsp4yxSe5hpVdYFavRhpgVNwxfauOOlyB33UFqART6BO-fxyN7FD5VHjzTUczLr9eO0QrNU-e2-zqBCksFf5y7TJPEeMeF4uvvd13D6JAkuVcJFHt01_ng9S2DDZo49NzPToGqQvizkFlIuq9my5BJ2Lcp4Y708CShD-f3TmPfauamQK_trtPux9dUhZdALcH055mc8W2BcILdfEefN6vpbAEWgeynV7YmHg0Vw439H3pBZAUq6YD2keWETy4F-beKNxH3fHR4dT8l6vi1hFYMBCFGWsSIDnnG1zl_cb6qcHEh_c6olanP8djj73hqvyM8D9ok2MbtN4_zKhhFjir73wZpBPKl09XzLBmnDuuYNt7363aZgEmQLFe9HO-cVJf2FrKyfNKq-4YbmIKK9gbe5NJCJXz8eubqL8ET3X4ScOCoZ667U3T3zvGx5e3BPiYXShhDqBSMIb5yb6bYX5tljGCHMa6MqALVPSwHa2BagWm1v04XmeKQmcqXQb_3AL7mYsiEn55oa9TveKSgQpfoZC1KmebyxCnTJJYn7sFQnYNUgmGdQgZGoCnFNqo1jRqacgjSfu4NmT5w3ERAiiWYmMniHz5sImuroAbLibqbMW_Q0VVU1yIudO-YKgvvSy97BJrg6zYZfazlEMSZnAnlk1NHmxJ1UxEIVmv_-WDyMS04AnvBWWgiku6NcQfE91TykCUquJ48KmGEsbWDxLpr95fq4Sx7lu1qHMncoVzYQUdxUS2Yt9Sf4z73dh7mCUhOWp6bZ618LkZCHD4s1_RAQFL9J-qx3H2NT3_wav_oYGQXYJ9buQMBVqzXPbLYYJPEkwsMQjd-w0uD_BO9iD8tpjDT4cWrlqOVxX4Yprgc8wO-Z1OMLd9gVxdG2dT7z7-mulZB-CkAJUdOtlMyu2JEXqtcSnyMGBWaDhhhLIMRQQAmjpJFxzJh5fFZrQlw7OGvzj4OoS3Dg2Uot-_Mmv9JNOFg8HbQr_5-NMZtZJmhey31W7ZBNypJGqU0jRRMfT5Rmehex71aT7uff4cNvyWURvdVwVlh6yEjq9_Vg2ZxjacS_trpPKX_uUa1gcKi0kUwnB_GRfWkwixQyZVh9JVoZ1xjA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 Aug 2022 09:22:07 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B610 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Origin
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 11:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 11:50:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame B610 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0UaTm6PORdR_nTKB2wiT_7xE28tGnelbEf2y_TraBYWfAknHfgLmdIIPzo04j6ABWQz5iCE6ydsh0iZkWH98YCcFdbQ&cry=1&dbm_d=AKAmf-CPd5TNss5KGIVPrMaauhfxwPk7JazrnxdqECRgkeJwAmPhXVTPkxl69Qhdp-W3vmU1UVJ6ADWK1ZnQOqBGlkdnH2TbGAs_DD-BZY48c2stC7FXsb78YLXRe_7ZcrZIknsAeh3iV_zo0XtSxCKLsunQzoVx_Rda1dF7ki9KZC0bi5tcz1h6ge2UWRa8xSjprTmg0ZmWUwVTwz1E2ZpGRMsLpSpXGBNQPb65WRevfvaWoecp9awBrXaXle-QupDGu3RLaiDgmGXq1IxtPBCHv3SP9zb6zgnbb_0MLoVbo51YloAPjCc7oYDAlF4frKH6Xk5pKqz8g42Js0G--STa5T3y8Yhp-qUpuMj3rnwC65Iy25bP2olDWpi-ckuaNHLiekJau6m_AX6-dSmKmeo5IeByz3Q1Aetbks3U6kRzOg_2XG6zeAgPLIRZiNVharYt7TkoVJZN83a5xZ04rkXpq58dr-K-4fB1yHe84mYL87XTbfSDDFRTwGWjEnqE8AmHD2l5GCDDttpfdEGEo3KCD3bCzBx_bORNj16kJTjdjzN4qtNKYpqt1HxlM_Rp9S_fH5S2a7F5qBaeT05fpxNqYZki8zUG0NtNQJmWDEV6_zkHPd1j4tEZjI9jNdZ5PAdlkhGA7qPyXQ-eq2LolmTLwxJ4bXdMsS2ZZAd2j3FlL_Cf-b09d6p68bJF-MEY2NhKScSr82i8wG69CPYG_gk8zQMfFm1aAv0mIPTsLCjYaM0iPz1VJ6ib72u1TDZsrmWsaYgFqjQeJioRamRqihwc99YlmX1acWUIHfidcRKZrNT2Fe9JyFD8AVM6AjW4Nqwai_JX_dGrb_xaFMUfn5GcZ4eq7N7VHyvb0IQJKZ-IKtAC_7CrLbtmnV2FoTYcV0UC6_ykwRiq-Yv0J0P_49Vb0i9E-k99PEHF7e0clmtxCSSo7RUAuh-MxAerbc25t6o2_HFyVUFM_oeLGZcebMK79c1LlPraBLldHl3OHaQxCVd5eFXDX4pU-2KHWHaZ0NvJdCP2tNZjD74IYJtN0S18C4fmVigoiYE5fWX-nwv7tkRZvmyvlkX43eF7Cb1YEGcqICmIRWPAz2ItHX5John0_L8zlTUE6GNMl4-PTVdArt4B6sIDQtXQ4VvhAz_1M31S9SWj2OsNBRl92iJf5-U-fDUpPXU6GlSYAEPguP61zR-h1hRz3CnJKgedt5qLcCnt6mVIydP8EVGD4RmbsgXkxoLBwYPT12RKpaS68j-LJUl7GNFkNm6pI6PdBXgp2Fvr5OTp4SYQ6HT_mevzjiAj3y0q4mzmSAoWAFNJpubckJckm_tjM1G-LfxbDsj9Usck_tQdT-bKwVjLtTRRwibEOQhWDMCIb3yBWwm6r2EPySmXrz3mYUzrf1aWhvw5d3IHBcGyOTqSS54KJS4RnxKjoc_T-UIrbISQMneNKHqy-OWOTlrBO2LgGh3acSYdz6rAykDpBoqIMvAseSEIIRvRCcYP7VEwAgd5VMokEFqoDqwQFoE_ReGcnG31-9NEsTqh5kTvnBXPcLLibCb_stVn68z1NZl_Q3wSM_IWcEjS5406SEOP_PhihbTwvD-cela2g5ElKHnwySWXfmrnlrjA2y8wQrRKVyIIWeUiLCleKrh3cDP4MCDR2izVKgLp2Yi9SRguPDIiyLJVFzfix6znPshoFEv5s6PDvkxS-D6FGScXZtxN_DIkMY0-11B-l4qxtjR2M3QcAptsvg0QwYRs0S24Uq21zX-_nz4CM5v5fyi581KEGER9KVFVMf2ea1GShYp1YWtlPy6v6ft9VQgid1YR5QOZX-UZzSP6_ThqUzNaoGIleuCImQSbIsEShgpXy1waKqKKDO8ddn4P9IFh9tRLXNcumoQhaSAHpd_Vp8h38HpTpC0BIGZYOCZS86e7UZYxtgYc_dN6FG_jOyq6dny4XT8LfxK-QKtxy_s8GHHnBLBlzlqLVyPFFn45coxttgIdGTUR5u2JDGzDuJP7WrhmV9xUgGBXEK0YPrbJzFiYjflHntUEzUfcRUCtAFj0brlz48glor13Kark4ZXbSutLhKLZ24U2jSzXLFhMrm8eXlNmrP7xeEL-dj7y1fFOrVcxJsKu3RVnFH1shN3GqXMmsHrtHsdfTCN4kVLSEOvW-qqrmLQcDcYnuVCrz5tYDLNGx6qDiWYmICmt9eUwhDhgKMUvZWwSzkTf6CLtYXumnbwmkyxs8GmLjYIeYxci9LLDx3sEGGTRGQlhjw2Dgnv56qxubUAJ_VNqZ_qy3A9T3l8kpz2E5GOVUsxUtFLwGlI7he069UZqut2XWQrlcslMdkkhYuL0NKoze15yJn6ZLcyKTeO6Km2id8sNMpB6c2OIrkiDlxYsxD68ECjDMAnFVMx-l9Vgix0qbUAO3ZSIEd2gxnQmiz1997lQLAKkEANAJCGxeWFhJj21G9X6mtMxHCoF_kpdraVRnvEUAV2NfxKnJcvb5_BsFTgAMCCrBZCZEO8J53SHXyjkw3Zn8ntefYCwtmGiupKlnUisMRQ5LNCcX6IZ1iaFIZg36uh_RUuW4HNAo8jIC66qpqi80-7UGpXzX8KV2ararAkJ5rijdpyAxJ3_DzqVuQZTqS8r11V1qlzm4ThbWo_TmCUWstXN_r0PEnzMg3xq8M-0uTvto_FvPKEGvTQbtiKb70eshcaYj5J-yf8lT3IhPAha0xkZHAmKMTIoSga1ZgJGlmnTQI1t8l50jv37SjbwEA9RYxpGM_9_96f8vHn9j3pPQ1zUA_f_HBrtCgu5qELbbN_U2MOO6NrxQf5dlCcoWMe1s-4wl3ytAs2YdxkArBMZVtxS9DccNSayKViqqmHomo5JQrXOaPxOy6itCUI3j8c3dnAOqxtDhSgm5jpDI_tAnQE6qpCwKeIDFJSsXmaDP3d_OXEITtMJu7gGY4QHh8rO29mLpFva00Jj5ZAAGR6d3NIJqwdh-AWdCmpB6Ae6rGwC6s0vydZwe8U0zCBAIjGzrFQ_vnKqwlci_2kHtEtHonaWRobIc4N4yiyJD7HPj9z9IRIpkFRctOT8z3RoHNpEzWhRmMRfwwRGmLI8d8kFwB_8SVoR25ePqD-FRTCQj4ZYS2TFCoAnOjTZILgZmoKzUotKOj_0SDxwvdm1ZZ-gs_IaXrmYhPE0YRi-5FXYKRF7XEjhGHOMryTVUt57MlqbKIQCMN2NDWqxyecrFMMq_MldWv4VfUiU68hZXxDeDrRJ19_kIWBLpu3TOP_NJNuljU7s_yfm&cid=CAASJeRoXfjUalFUkBFwQeQ9kAyeQJhn1Gtb1QuWr1ozvdQ9aDGNEZ4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2989
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:32:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame B610 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0UaTm6PORdR_nTKB2wiT_7xE28tGnelbEf2y_TraBYWfAknHfgLmdIIPzo04j6ABWQz5iCE6ydsh0iZkWH98YCcFdbQ&cry=1&dbm_d=AKAmf-CPd5TNss5KGIVPrMaauhfxwPk7JazrnxdqECRgkeJwAmPhXVTPkxl69Qhdp-W3vmU1UVJ6ADWK1ZnQOqBGlkdnH2TbGAs_DD-BZY48c2stC7FXsb78YLXRe_7ZcrZIknsAeh3iV_zo0XtSxCKLsunQzoVx_Rda1dF7ki9KZC0bi5tcz1h6ge2UWRa8xSjprTmg0ZmWUwVTwz1E2ZpGRMsLpSpXGBNQPb65WRevfvaWoecp9awBrXaXle-QupDGu3RLaiDgmGXq1IxtPBCHv3SP9zb6zgnbb_0MLoVbo51YloAPjCc7oYDAlF4frKH6Xk5pKqz8g42Js0G--STa5T3y8Yhp-qUpuMj3rnwC65Iy25bP2olDWpi-ckuaNHLiekJau6m_AX6-dSmKmeo5IeByz3Q1Aetbks3U6kRzOg_2XG6zeAgPLIRZiNVharYt7TkoVJZN83a5xZ04rkXpq58dr-K-4fB1yHe84mYL87XTbfSDDFRTwGWjEnqE8AmHD2l5GCDDttpfdEGEo3KCD3bCzBx_bORNj16kJTjdjzN4qtNKYpqt1HxlM_Rp9S_fH5S2a7F5qBaeT05fpxNqYZki8zUG0NtNQJmWDEV6_zkHPd1j4tEZjI9jNdZ5PAdlkhGA7qPyXQ-eq2LolmTLwxJ4bXdMsS2ZZAd2j3FlL_Cf-b09d6p68bJF-MEY2NhKScSr82i8wG69CPYG_gk8zQMfFm1aAv0mIPTsLCjYaM0iPz1VJ6ib72u1TDZsrmWsaYgFqjQeJioRamRqihwc99YlmX1acWUIHfidcRKZrNT2Fe9JyFD8AVM6AjW4Nqwai_JX_dGrb_xaFMUfn5GcZ4eq7N7VHyvb0IQJKZ-IKtAC_7CrLbtmnV2FoTYcV0UC6_ykwRiq-Yv0J0P_49Vb0i9E-k99PEHF7e0clmtxCSSo7RUAuh-MxAerbc25t6o2_HFyVUFM_oeLGZcebMK79c1LlPraBLldHl3OHaQxCVd5eFXDX4pU-2KHWHaZ0NvJdCP2tNZjD74IYJtN0S18C4fmVigoiYE5fWX-nwv7tkRZvmyvlkX43eF7Cb1YEGcqICmIRWPAz2ItHX5John0_L8zlTUE6GNMl4-PTVdArt4B6sIDQtXQ4VvhAz_1M31S9SWj2OsNBRl92iJf5-U-fDUpPXU6GlSYAEPguP61zR-h1hRz3CnJKgedt5qLcCnt6mVIydP8EVGD4RmbsgXkxoLBwYPT12RKpaS68j-LJUl7GNFkNm6pI6PdBXgp2Fvr5OTp4SYQ6HT_mevzjiAj3y0q4mzmSAoWAFNJpubckJckm_tjM1G-LfxbDsj9Usck_tQdT-bKwVjLtTRRwibEOQhWDMCIb3yBWwm6r2EPySmXrz3mYUzrf1aWhvw5d3IHBcGyOTqSS54KJS4RnxKjoc_T-UIrbISQMneNKHqy-OWOTlrBO2LgGh3acSYdz6rAykDpBoqIMvAseSEIIRvRCcYP7VEwAgd5VMokEFqoDqwQFoE_ReGcnG31-9NEsTqh5kTvnBXPcLLibCb_stVn68z1NZl_Q3wSM_IWcEjS5406SEOP_PhihbTwvD-cela2g5ElKHnwySWXfmrnlrjA2y8wQrRKVyIIWeUiLCleKrh3cDP4MCDR2izVKgLp2Yi9SRguPDIiyLJVFzfix6znPshoFEv5s6PDvkxS-D6FGScXZtxN_DIkMY0-11B-l4qxtjR2M3QcAptsvg0QwYRs0S24Uq21zX-_nz4CM5v5fyi581KEGER9KVFVMf2ea1GShYp1YWtlPy6v6ft9VQgid1YR5QOZX-UZzSP6_ThqUzNaoGIleuCImQSbIsEShgpXy1waKqKKDO8ddn4P9IFh9tRLXNcumoQhaSAHpd_Vp8h38HpTpC0BIGZYOCZS86e7UZYxtgYc_dN6FG_jOyq6dny4XT8LfxK-QKtxy_s8GHHnBLBlzlqLVyPFFn45coxttgIdGTUR5u2JDGzDuJP7WrhmV9xUgGBXEK0YPrbJzFiYjflHntUEzUfcRUCtAFj0brlz48glor13Kark4ZXbSutLhKLZ24U2jSzXLFhMrm8eXlNmrP7xeEL-dj7y1fFOrVcxJsKu3RVnFH1shN3GqXMmsHrtHsdfTCN4kVLSEOvW-qqrmLQcDcYnuVCrz5tYDLNGx6qDiWYmICmt9eUwhDhgKMUvZWwSzkTf6CLtYXumnbwmkyxs8GmLjYIeYxci9LLDx3sEGGTRGQlhjw2Dgnv56qxubUAJ_VNqZ_qy3A9T3l8kpz2E5GOVUsxUtFLwGlI7he069UZqut2XWQrlcslMdkkhYuL0NKoze15yJn6ZLcyKTeO6Km2id8sNMpB6c2OIrkiDlxYsxD68ECjDMAnFVMx-l9Vgix0qbUAO3ZSIEd2gxnQmiz1997lQLAKkEANAJCGxeWFhJj21G9X6mtMxHCoF_kpdraVRnvEUAV2NfxKnJcvb5_BsFTgAMCCrBZCZEO8J53SHXyjkw3Zn8ntefYCwtmGiupKlnUisMRQ5LNCcX6IZ1iaFIZg36uh_RUuW4HNAo8jIC66qpqi80-7UGpXzX8KV2ararAkJ5rijdpyAxJ3_DzqVuQZTqS8r11V1qlzm4ThbWo_TmCUWstXN_r0PEnzMg3xq8M-0uTvto_FvPKEGvTQbtiKb70eshcaYj5J-yf8lT3IhPAha0xkZHAmKMTIoSga1ZgJGlmnTQI1t8l50jv37SjbwEA9RYxpGM_9_96f8vHn9j3pPQ1zUA_f_HBrtCgu5qELbbN_U2MOO6NrxQf5dlCcoWMe1s-4wl3ytAs2YdxkArBMZVtxS9DccNSayKViqqmHomo5JQrXOaPxOy6itCUI3j8c3dnAOqxtDhSgm5jpDI_tAnQE6qpCwKeIDFJSsXmaDP3d_OXEITtMJu7gGY4QHh8rO29mLpFva00Jj5ZAAGR6d3NIJqwdh-AWdCmpB6Ae6rGwC6s0vydZwe8U0zCBAIjGzrFQ_vnKqwlci_2kHtEtHonaWRobIc4N4yiyJD7HPj9z9IRIpkFRctOT8z3RoHNpEzWhRmMRfwwRGmLI8d8kFwB_8SVoR25ePqD-FRTCQj4ZYS2TFCoAnOjTZILgZmoKzUotKOj_0SDxwvdm1ZZ-gs_IaXrmYhPE0YRi-5FXYKRF7XEjhGHOMryTVUt57MlqbKIQCMN2NDWqxyecrFMMq_MldWv4VfUiU68hZXxDeDrRJ19_kIWBLpu3TOP_NJNuljU7s_yfm&cid=CAASJeRoXfjUalFUkBFwQeQ9kAyeQJhn1Gtb1QuWr1ozvdQ9aDGNEZ4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:49:57 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D21B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Origin
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 11:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 11:50:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame D21B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVZWC2HKE7IfKPYlLXfE2iFf_NqjK2RkxILYq1XCd3EFtfPL57XApKCfkTl4sulApK0JI3m_e9fJeL9uCinBpbO4yBTw&cry=1&dbm_d=AKAmf-CL7H96k4MF7tx4nUWJ33tLVZz_EjYl4ipzSMFupp4ShmN3Crp2FMvCDU6FLYDLklkrsbA0UlKv3okzTBYo8YS4dfPZkq9bjXbx8l-fQwyd0qlFrYtJojMnorEdi1h8bX6exU1AW5S-zraCKK3jLyCeQJ7X9NOihdx1Mn2th8OU5D_oYwMpwkJrvv6vcxhNxlDmtTndEcMjlArdbhH3J-46ugM5Og-0RzQpLm08W4D07vUt1g-cE79Teuh0r6um4JWZoapbjNTpZmkNY5xJdmCDlAxIQnKfIpcXRJ65pKxsyrg68wh5p_Q1SjQFS-7Yt5Ez94552_hyn9fHlpcUMccmwy__mH7NSYEUyXX0JhOD-l35dYVxMavyUes0VCBfTgCvOl3X5a7yBHCk62E1DCwtaAl2UCkfIr3C_8DPqzWWNhdf2Q3mFpjcCS3rWdghD4WUWNN9I7YSdnu1gf4IolaoNWqeZo446mkHvETNJdvPf4D47liGdXwFJEH-fxybAf1PhQQ8BQnswvst6lf8Myp5kQ9gOJicLZKU54dfaZmyx4PtPkvKMWzt-5u1DouVikO6ND306YAYsYg12DaKV7M-QDNBn4-V4virFXYEeGtpbyTGY5zl5D3VNkO5RUK6fTHsoKdN953kgDF3R0QiXNnckX8l1UxC3N0bN7lkbf1IaysMnkySNAeMA17rfLc23nvLVNhcrJ4mQ6M1zNyqolc_vHTyfkNWz_immWTHotpdi6MDoBRVbBh3snGLqPhDi_BVuzm-Tp7quXsKwqwYhrhRqsIx1T-28OiPEbqdFPapPXm-YdWAKsRgJirrXCA7W2x--F2wjGdGE3-6JucPmfdWmg-nx7wDU0uy86xMpR0_clLwzc9g5_7Z7db8K5bPLXanIvlMlX4xtbZ-9N0WRDRSDWReKlLouc2EP8YUYiixHcx9bJTTp5xkHnRU95gEpleRauVNUKTNAfWJ8UCdJLFmkm6rgknc7X8tnFDtda6RzMt-Id6WH03z5OMGad-dDY-ICkdLmkMJOEqetRpSxkHsMgUdTyCfDDxeMJJelZTxbCu6HMoLdDoLEiKHCr4UwVrxXXYEpi9f16z_aqBwQIFlVZtDG7fYFLWNKfBVcm8PHrShwxDjjDodPv8KuVYiV52kqI2gDu2VoaOZm3BVBN9FiUczbSwTLIPBuOn9bbAu1312QGrSYANVCErDsBhF8XE5ILs6b6Vzr4P-olgrxyuVIVwuLJOtOO5tb14c498shUA-Aby-HDLBRRB8RBi6gE4DI_GnBrbY_FYvhTFONhaGVPxPoayST6xedNWEllceI1CpFUoe_QjW4NxR4aVLQ10LTQNz0iTNAC8sLjpkkevwO4sFM8bw_nY44RVMQM8HgoHtTfTN000YG1BXkBSFoS8yLkf0_Fz3xPMAI98C6ezkvx8E_gLsyBynHx1zDBIBQxZ9Kl9ZF_dDUdCqq9nNTyUMD2i15JduC0NfGwpoYvePqiP2O7tdBPgq-yCocDwWKpeLXrAkfq58pmTElsAhR1uiK2WjcVKt_1Eh6LrbFr4aff5QicdyxvKwrVrhIYpXR84DJmMYmPGZwMr1Ft14116JhNa_MnDZYT6h0dS-KtGr8UGt2AYez4Nl99L_WfEcFOup2kEyc0w5KsEuNkjK8lF9Scp1d3IY2gl0pHIXHjgiDhm4iOFGcBxMdijuUspsAXYIiCtegKTY1PRsaUKYRn2i_DqTwO-PwO2DBO8Tus450hlprTo3-zMYVgBOEkXPuRgfUnuNCttEWfFs10-0rKWNDJif7Cxi9HEaRovO5V68RjIBZ14TDPe0LF34XlzAP7IgUkv6BwNd2Bypzu6p_Y-NnYH8Pg_5ATD2tbWQ_Ext0acODsOvcvE8XTGiu7R7qxpb9hu9IXm2asYv4SC8xtL2XQMMSrVhuMSrws0L1KXKR9RrcVZ0AensIqcUyONJOpFdSLCigvDKU2kzI-Hhjlt42CRhFOQeOlolQ6C5ct4Drv1NwB9LZjPw5_sthUj1IOgfhDTFa-p-bp_EhkRAMG9B6clsOwSBYDBoM2sUWpiac5CQiVaHyGyy_eX9GCi1hUd9L27nPCBia5eN8viqQ17jYfkdfqx0BW1OADuI6hU4Hz1aK7UuYXCXuIOLKCCYSf5wqm8WsSAw2LzBtjOPIoe79m_rk4IYyTVeCHryS2s8lhcCW6VdKPMQ9kUuPSfMYkgGmr1Ad3vFJiTjVZykv-rnCHFjj25AyzhxkhecLp9hm354NQFMFOEytZR053CidTRTR-6c42iOChqEj8njU2UnJxKYZmOuCO9iLdJvEzIBaarmc4qIWHH0UZ4OAxfHnftVQXuvJ0IufHnDxFb4SOO8qOhRBWptcuZV4n3HgZUa2mWaM5GadkKpB2uueCjN1Ya-P-cZTKTKXzxOIA_HIolpSGvguUv3vyUVjrRt6XrS_oBzgh3Ge16lA-m3mEixGiqqaiHwhYnJk8z9iwoVq-YZIdVT-OC0JQ86HkqDoLk6PyiY1AaBNtE0VIAnwfvTjaWmXVv5tu-vjBw2kGkjeklp6rNRZ6ebTuCwhXxJuPRwlumSAUU4jI8iQWuaNVNvdm1PvZhxBJpNyQFX6am2Kdq1uM8GY7S7H-mdgRDo-wwto6D0-FdzycacwC9fZLme6W2Ei_OUmc1LAddheFs05gMgNhspVPbohsp6Mor2NA0HnfioByUcHRq4SYPkQmRatH4rtnH1odURWnek0N-2yazL3bv2KUfDi0upJ1Y97gPtYNvGHGEVse7G-d_elHWlr5ChnCNSfQjE_Sdx9flRLsy-NifUOrqMOR3hV_QSsFrwdNQL7kGsug-AhZ2OFXwl9lsXFquuli7Wz2v8qxNyJQ-dPoUqCZ5DfPr2_gJmVr_6knr9nkFr_bLyejzC7zR6mE0SCg7JYLBIY4uOt9f91GU3gdE3C5SyrGQbTuu7G18fgObDzPPtD6RyCTJQ7CibKP5jsPXSFvuTocGokljhZQHM5Wk64ropBC3wkQQifMX_c8LgSeZVmh1i-3pp8KLCEkUiI-ryJ7kUh5V80gKEe1ZTstTty9pTT4r7DzPJTvQIMyftjuo_1oVUiKDr2nAVh68k5dNTTTM0W2Tp0HhAqSbPS8PMYeVZMRVFcW3xxo6hRIY2vmnTHSLoxyjYimAyddFapY2lVA4VUfc_ZPQ03LqtlsJa4UgC7n0WOG9DL7G-uHGPRjPb11S5BTxjoxjVzCP7sH7HS2GlxQ-YV4gzJUDlJwGY&cid=CAASJeRoSENqqoXAY9-3MQ8f67n-fiXX33acBmCy67B8-YrIEwSXwFo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2989
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:32:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame D21B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVZWC2HKE7IfKPYlLXfE2iFf_NqjK2RkxILYq1XCd3EFtfPL57XApKCfkTl4sulApK0JI3m_e9fJeL9uCinBpbO4yBTw&cry=1&dbm_d=AKAmf-CL7H96k4MF7tx4nUWJ33tLVZz_EjYl4ipzSMFupp4ShmN3Crp2FMvCDU6FLYDLklkrsbA0UlKv3okzTBYo8YS4dfPZkq9bjXbx8l-fQwyd0qlFrYtJojMnorEdi1h8bX6exU1AW5S-zraCKK3jLyCeQJ7X9NOihdx1Mn2th8OU5D_oYwMpwkJrvv6vcxhNxlDmtTndEcMjlArdbhH3J-46ugM5Og-0RzQpLm08W4D07vUt1g-cE79Teuh0r6um4JWZoapbjNTpZmkNY5xJdmCDlAxIQnKfIpcXRJ65pKxsyrg68wh5p_Q1SjQFS-7Yt5Ez94552_hyn9fHlpcUMccmwy__mH7NSYEUyXX0JhOD-l35dYVxMavyUes0VCBfTgCvOl3X5a7yBHCk62E1DCwtaAl2UCkfIr3C_8DPqzWWNhdf2Q3mFpjcCS3rWdghD4WUWNN9I7YSdnu1gf4IolaoNWqeZo446mkHvETNJdvPf4D47liGdXwFJEH-fxybAf1PhQQ8BQnswvst6lf8Myp5kQ9gOJicLZKU54dfaZmyx4PtPkvKMWzt-5u1DouVikO6ND306YAYsYg12DaKV7M-QDNBn4-V4virFXYEeGtpbyTGY5zl5D3VNkO5RUK6fTHsoKdN953kgDF3R0QiXNnckX8l1UxC3N0bN7lkbf1IaysMnkySNAeMA17rfLc23nvLVNhcrJ4mQ6M1zNyqolc_vHTyfkNWz_immWTHotpdi6MDoBRVbBh3snGLqPhDi_BVuzm-Tp7quXsKwqwYhrhRqsIx1T-28OiPEbqdFPapPXm-YdWAKsRgJirrXCA7W2x--F2wjGdGE3-6JucPmfdWmg-nx7wDU0uy86xMpR0_clLwzc9g5_7Z7db8K5bPLXanIvlMlX4xtbZ-9N0WRDRSDWReKlLouc2EP8YUYiixHcx9bJTTp5xkHnRU95gEpleRauVNUKTNAfWJ8UCdJLFmkm6rgknc7X8tnFDtda6RzMt-Id6WH03z5OMGad-dDY-ICkdLmkMJOEqetRpSxkHsMgUdTyCfDDxeMJJelZTxbCu6HMoLdDoLEiKHCr4UwVrxXXYEpi9f16z_aqBwQIFlVZtDG7fYFLWNKfBVcm8PHrShwxDjjDodPv8KuVYiV52kqI2gDu2VoaOZm3BVBN9FiUczbSwTLIPBuOn9bbAu1312QGrSYANVCErDsBhF8XE5ILs6b6Vzr4P-olgrxyuVIVwuLJOtOO5tb14c498shUA-Aby-HDLBRRB8RBi6gE4DI_GnBrbY_FYvhTFONhaGVPxPoayST6xedNWEllceI1CpFUoe_QjW4NxR4aVLQ10LTQNz0iTNAC8sLjpkkevwO4sFM8bw_nY44RVMQM8HgoHtTfTN000YG1BXkBSFoS8yLkf0_Fz3xPMAI98C6ezkvx8E_gLsyBynHx1zDBIBQxZ9Kl9ZF_dDUdCqq9nNTyUMD2i15JduC0NfGwpoYvePqiP2O7tdBPgq-yCocDwWKpeLXrAkfq58pmTElsAhR1uiK2WjcVKt_1Eh6LrbFr4aff5QicdyxvKwrVrhIYpXR84DJmMYmPGZwMr1Ft14116JhNa_MnDZYT6h0dS-KtGr8UGt2AYez4Nl99L_WfEcFOup2kEyc0w5KsEuNkjK8lF9Scp1d3IY2gl0pHIXHjgiDhm4iOFGcBxMdijuUspsAXYIiCtegKTY1PRsaUKYRn2i_DqTwO-PwO2DBO8Tus450hlprTo3-zMYVgBOEkXPuRgfUnuNCttEWfFs10-0rKWNDJif7Cxi9HEaRovO5V68RjIBZ14TDPe0LF34XlzAP7IgUkv6BwNd2Bypzu6p_Y-NnYH8Pg_5ATD2tbWQ_Ext0acODsOvcvE8XTGiu7R7qxpb9hu9IXm2asYv4SC8xtL2XQMMSrVhuMSrws0L1KXKR9RrcVZ0AensIqcUyONJOpFdSLCigvDKU2kzI-Hhjlt42CRhFOQeOlolQ6C5ct4Drv1NwB9LZjPw5_sthUj1IOgfhDTFa-p-bp_EhkRAMG9B6clsOwSBYDBoM2sUWpiac5CQiVaHyGyy_eX9GCi1hUd9L27nPCBia5eN8viqQ17jYfkdfqx0BW1OADuI6hU4Hz1aK7UuYXCXuIOLKCCYSf5wqm8WsSAw2LzBtjOPIoe79m_rk4IYyTVeCHryS2s8lhcCW6VdKPMQ9kUuPSfMYkgGmr1Ad3vFJiTjVZykv-rnCHFjj25AyzhxkhecLp9hm354NQFMFOEytZR053CidTRTR-6c42iOChqEj8njU2UnJxKYZmOuCO9iLdJvEzIBaarmc4qIWHH0UZ4OAxfHnftVQXuvJ0IufHnDxFb4SOO8qOhRBWptcuZV4n3HgZUa2mWaM5GadkKpB2uueCjN1Ya-P-cZTKTKXzxOIA_HIolpSGvguUv3vyUVjrRt6XrS_oBzgh3Ge16lA-m3mEixGiqqaiHwhYnJk8z9iwoVq-YZIdVT-OC0JQ86HkqDoLk6PyiY1AaBNtE0VIAnwfvTjaWmXVv5tu-vjBw2kGkjeklp6rNRZ6ebTuCwhXxJuPRwlumSAUU4jI8iQWuaNVNvdm1PvZhxBJpNyQFX6am2Kdq1uM8GY7S7H-mdgRDo-wwto6D0-FdzycacwC9fZLme6W2Ei_OUmc1LAddheFs05gMgNhspVPbohsp6Mor2NA0HnfioByUcHRq4SYPkQmRatH4rtnH1odURWnek0N-2yazL3bv2KUfDi0upJ1Y97gPtYNvGHGEVse7G-d_elHWlr5ChnCNSfQjE_Sdx9flRLsy-NifUOrqMOR3hV_QSsFrwdNQL7kGsug-AhZ2OFXwl9lsXFquuli7Wz2v8qxNyJQ-dPoUqCZ5DfPr2_gJmVr_6knr9nkFr_bLyejzC7zR6mE0SCg7JYLBIY4uOt9f91GU3gdE3C5SyrGQbTuu7G18fgObDzPPtD6RyCTJQ7CibKP5jsPXSFvuTocGokljhZQHM5Wk64ropBC3wkQQifMX_c8LgSeZVmh1i-3pp8KLCEkUiI-ryJ7kUh5V80gKEe1ZTstTty9pTT4r7DzPJTvQIMyftjuo_1oVUiKDr2nAVh68k5dNTTTM0W2Tp0HhAqSbPS8PMYeVZMRVFcW3xxo6hRIY2vmnTHSLoxyjYimAyddFapY2lVA4VUfc_ZPQ03LqtlsJa4UgC7n0WOG9DL7G-uHGPRjPb11S5BTxjoxjVzCP7sH7HS2GlxQ-YV4gzJUDlJwGY&cid=CAASJeRoSENqqoXAY9-3MQ8f67n-fiXX33acBmCy67B8-YrIEwSXwFo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:49:57 GMT
smtr
contextual.media.net/ Frame 3176 		89 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=HARMONY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&kwrf=https%3A%2F%2Fadx.holmesmind.com&nse=5&vi=1661073727527117685&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44BexN/g4&bcpf=8fOnRrolnfOur8B44BexN%2Fg4&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0652265294t202208210922&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=VIC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c62b7ba635a97ceda7194355e506b35c7ad88bd1dc7e981d973d6fc8659e5ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sun, 21 Aug 2022 09:22:08 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-q742
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33543
x-sc-w
21-fx15
bping.php
lg3.media.net/ Frame 3176 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=557&&vgd_cdv=781&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1661073727527117685&ugd=4&lf=6&kwrf=https%3A%2F%2Fadx.holmesmind.com&cc=AU&sc=VIC&lper=100&wsip=2886994965&r=1661073727774&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=140952&vgd_rakh=1661073727176305376&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0652265294t202208210922&vgd_pgids=1&vgd_uspa=0&hvsid=00001661073727771017418153016934&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sun, 21 Aug 2022 09:22:07 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=30038
content-length
15
checksync.php
contextual.media.net/ Frame C7FD 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=94472
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:22:07 GMT
expires
Mon, 22 Aug 2022 11:36:39 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 3176 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4449&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=u4_xHlUMQYOeVMC95FypUw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.9951692E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=20.0&adj0=0.0&tmax=300&s_ip=74.125.190.134&adj2=0.0&adj1=0.0&feedback_id=u4_xHlUMQYOeVMC95FypUw&adtypes=0&mx_aabpc=0&reqid=u4_xHlUMQYOeVMC95FypUw&sc=AU-VIC&sd=1&mowxReqId=72f6917fa1ad4dcc8726d469b58c78b6_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1661073726575&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-35-25&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=72f6917fa1ad4dcc8726d469b58c78b6&actltime=26&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.014&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEEy_xJdbkgGFJpG4-KS78Iw&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661074326829&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.014&pvdTmax=255&ltime=26.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=37145514735832_2103959400_52982010441&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=31&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-7br45&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-21+09%3A22%3A06&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7Ay8pXmFMbDevGumLLjgbutC8ZMKsa9BJFQjVPpR1uE6EJO07DKrbfLmyNO0GrjUz9&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-rzk2q.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D508~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022082103~iurl_b%3D63775.51~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.15~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D40~riipua%3D104%2C104~et%3D18~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082104~vis_b%3D148.63~url_b%3D0.02~url_tvi%3D2095~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw3BuYdREPsnhiCr~btd%3D15749759548019670152535502477589427031368148274129145121892978737794773771681796~d2p_l%3D70~3pcf%3D1~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.89~ogd2p_b%3D0.89~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D20.5~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dmelbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.61~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.92~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESEEy_xJdbkgGFJpG4-KS78Iw%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9951692E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=1197&sf=0&cpr=0.23446276206459915
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 21 Aug 2022 09:22:07 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 21 Aug 2022 15:22:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B610 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:05:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1FBF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
55211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 338C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 09:22:07 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 338C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 09:22:07 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 338C 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 16 Aug 2023 09:22:07 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 338C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 16 Aug 2023 09:22:07 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 338C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Qmf-ecX2B55t9KTpvr6QgZprK9TLM8R9Xk0U5tqRBswB7P6RGJMvX0VuYs14g7ovUd5FqGQsTpkgmdPg8DdiUYO1Ijg0o1tFUw0kII2SOkU8f0KtMEUYQtxAB2U7k5Z-ZEmqDdpRmulsti39xznN7yzoKAmBIaKHKAfU9hOo_guvQsV1lwdJAALrdw_VELjpmwnCynfEWgfZrPyKmJqmTM1XuLbc6xXNoRGbxk4OcJ4WYHKgMbmEursTxnQBKbKgWqu0yciR0INHRpxTyVyB0ErhhrSOvTuwPLrbqbUqxHBUYcjRIC4hDWELUlqE2NBKaxnmDE7VynE-JxVvRWdT7aDnElIBCItT3FZVWaf9cq64wl0_Q9CkgZgOT0UMbFSsUEv0ffBgd8y_FnYnxU3YGV185dJDqbM-V4H-riGyKW81yelW
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:07 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2801200
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D21B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:05:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B9D3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
55211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC62 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
55211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 338C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2113184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apE%2FhROHT5OfEMJus6qWUf1EnXNV7v5HRb2bYX%2Bgfczz6PDumEd7v8oB77t943noG8xhfZI8kbBB2c5C1yu9t8Qh8WXdgPsCQwYytua%2B7n1BwGHesiG%2BJnfSMneLORhmyGGiUC1C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73e24d70de675a73-MEL
expires
Fri, 11 Aug 2023 09:22:08 GMT
pixel
cm.g.doubleclick.net/ Frame 1FBF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENHlO3NWGwMzBY5uH8CUWEU&google_cver=1&google_push=AehlK4Bo4jJk-ucA7G6r6ZiaddCMizfNxQYK6EE5lM9TifmqYlP8wFGimYP8o5rlqoNZH9m7QOYURiGiTxSfc09p...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bo4jJk-ucA7G6r6ZiaddCMizfNxQYK6EE5lM9TifmqYlP8wFGimYP8o5rlqoNZH9m7QOYURiGiTxSfc09phPoFbDMYZ1XbaGZFdmV3ciqzlC_e39...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bo4jJk-ucA7G6r6ZiaddCMizfNxQYK6EE5lM9TifmqYlP8wFGimYP8o5rlqoNZH9m7QOYURiGiTxSfc09phPoFbDMYZ1XbaGZFdmV3ciqzlC_e395hR-rInoIC9kwrZNQSAu6_IxrCyw
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bo4jJk-ucA7G6r6ZiaddCMizfNxQYK6EE5lM9TifmqYlP8wFGimYP8o5rlqoNZH9m7QOYURiGiTxSfc09phPoFbDMYZ1XbaGZFdmV3ciqzlC_e395hR-rInoIC9kwrZNQSAu6_IxrCyw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Aug 2022 09:22:07 GMT
i.match
s.tribalfusion.com/z/ Frame 1FBF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEACr7teCQr33uss478j7A7M&google_cver=1&google_push=AehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9Z...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACr7teCQr33uss478j7A7M&google_cver=1&google_push=AehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACr7teCQr33uss478j7A7M&google_cver=1&google_push=AehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73e24d7308c1df2c-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
12207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73e24d714e87df2c-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACr7teCQr33uss478j7A7M&google_cver=1&google_push=AehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AoUDs-afCFUB7AgAtg6bfWJaKVSOqZ3x3b3jZaTZTnntSpuH-bIiQKHvCSSQh2ZIFgf5jplPpDKHIVOYMiqb_OwQlvvnO9ZPgxPPS1l31gzK5XNd3IuGYfll5WnQRtED9GEtkQa5IVqg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame 1FBF
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1&google_push=AehlK4BLi29ajVnomWc5tur3gyEeeUFs_KwzYdpK5s8y0y8hygxNqcATvN5v1mUxYk83C...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXdINVFNQ284WVVBQU9WaUFsQUFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1
43 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
124.146.215.3 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1","cluster_id":21,"gdpr":false,"ipv4":"103.209.254.5","key":"YwH5QMCo8YUAAOViAlAAAAAA","privacy_sensitive":false,"uid":"YwH5QMCo8YUAAOViAlAAAAAA","upstream_id":"a-ad40195"}
X-SO-Key
YwH5QMCo8YUAAOViAlAAAAAA
X-SO-Upstream-ID
a-ad40195
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40195.dc2p.scaleout.jp
X-SO-UID
YwH5QMCo8YUAAOViAlAAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
103.209.254.5
X-SO-Cluster-ID
21
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
10
X-SO-LB-Hostname
m-ng7.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEAKdXbFui3cITjkJ_Su8eWE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx_sync
ad.audience73.com/ Frame 1FBF 		0
0
pixel
cm.g.doubleclick.net/ Frame 1FBF
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBS3aZLPNqSVlcR4g7E4rRw&c_param1=AehlK4DEFnTHlp56EAhZSLSeUaFRAz4dPFsHojT8jaLAQVBGAKFHpGICGGN2HOkCavQyRLLbxSa1wzvrOISOXj5LhD8RbH4mWDoysTl6uDtJLTcE3rK...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4DEFnTHlp56EAhZSLSeUaFRAz4dPFsHojT8jaLAQVBGAKFHpGICGGN2HOkCavQyRLLbxSa1wzvrOISOXj5LhD8RbH4mWDoysTl6uDtJLTcE3rKa9Cfu6EV1ABNjqod_U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4DEFnTHlp56EAhZSLSeUaFRAz4dPFsHojT8jaLAQVBGAKFHpGICGGN2HOkCavQyRLLbxSa1wzvrOISOXj5LhD8RbH4mWDoysTl6uDtJLTcE3rKa9Cfu6EV1ABNjqod_Uv6XWkZc5Y5_
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4DEFnTHlp56EAhZSLSeUaFRAz4dPFsHojT8jaLAQVBGAKFHpGICGGN2HOkCavQyRLLbxSa1wzvrOISOXj5LhD8RbH4mWDoysTl6uDtJLTcE3rKa9Cfu6EV1ABNjqod_Uv6XWkZc5Y5_
date
Sun, 21 Aug 2022 09:22:08 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1FBF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DwgocZIlt7pLpwVripbJKAKw9KInJHd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DwgocZIlt7pLpwVripbJKAKw9KInJHdqRhfrlPIaHrlFu_wBwHy6NXWIAWKNK-Y4aDhIdaoiy3aXRNY4RQY9iKYyffqBAgxnRkyzJrijMKB650WWgVgQpNmPQJJKjq8NhorA4IDmX9
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FsciZeESMdk8dEmtJftkTmHNyeD7gVhmzTrQZBgGGew8aQLJODQ973tY7J1RbtmRRxRMeSCuUFfR0S7w38pv5himJ%2FY%2Fc7I52Ajp0IwvBatjphx31NnqYMXikQy753jUwtpVYIFOAoL0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DwgocZIlt7pLpwVripbJKAKw9KInJHdqRhfrlPIaHrlFu_wBwHy6NXWIAWKNK-Y4aDhIdaoiy3aXRNY4RQY9iKYyffqBAgxnRkyzJrijMKB650WWgVgQpNmPQJJKjq8NhorA4IDmX9
cache-control
no-cache
cf-ray
73e24d714ed3df28-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1FBF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1&google_push=AehlK4DSFF-oO1XH0bCVAgU5vUaPCVgHqtj6JECAM1D-2_0xOrh-OEVub4BV8q1SdliXnThjxJrWm444_xx6...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1j9WPg3QCRCdtNoLEK8RsLcYjWtCouw&google_push=AehlK4DSFF-oO1XH0bCVAgU5vUaPCVgHqtj6JECAM1D-2_0xOrh-OEVub4BV8q1SdliXnThjxJrWm444_x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1j9WPg3QCRCdtNoLEK8RsLcYjWtCouw&google_push=AehlK4DSFF-oO1XH0bCVAgU5vUaPCVgHqtj6JECAM1D-2_0xOrh-OEVub4BV8q1SdliXnThjxJrWm444_xx6C_3ZR3ThV63yn0_EaZVYYcJHbmEOs1VnGsVDXgt0NqJuWQsFN-CmC-eA3GBtlw
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1j9WPg3QCRCdtNoLEK8RsLcYjWtCouw&google_push=AehlK4DSFF-oO1XH0bCVAgU5vUaPCVgHqtj6JECAM1D-2_0xOrh-OEVub4BV8q1SdliXnThjxJrWm444_xx6C_3ZR3ThV63yn0_EaZVYYcJHbmEOs1VnGsVDXgt0NqJuWQsFN-CmC-eA3GBtlw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 1FBF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1A7kPjb9f-42Lz05wqabmeECmu7yNwH1H7lIxk_DCV63fGU8_Zu38Z9Ch98Z_bKQuhT3B
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 844F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
243567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 13:42:41 GMT
expires
Fri, 18 Aug 2023 13:42:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cksync
cs.media.net/ Frame C7FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK1WgSDhf9lojynpKcTu7BQ&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK1WgSDhf9lojynpKcTu7BQ&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 21 Aug 2022 09:22:08 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK1WgSDhf9lojynpKcTu7BQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame C7FD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 21 Aug 2022 09:22:08 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
animejs.js
static.criteo.net/animejs/ Frame 338C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 09:22:08 GMT
dpixel
cms.quantserve.com/ Frame B9D3 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAgB71NMikQaMh9AEIJ_NDw&google_cver=1&google_push=AehlK4DSYtHDazA0gCgz0llXdm5JyYHT0OdJG5UG4Kav_iMypYA8E7IksxAJ_LH4rtVoqVKcszW14MJcAwyIQraK2WIkxWZjnxRD9uFrXEgKh4h7X-TxYsgHsJEJ8oX0YC-MlYp5QbdjBKyC0oWDC-40zIo
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B9D3
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2M2ZmQ5ZTUtYmJkMy00NjU2LTgwYjYtMGZmZWM0M2NiMWRh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4Cx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2M2ZmQ5ZTUtYmJkMy00NjU2LTgwYjYtMGZmZWM0M2NiMWRh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4CxdYsXt_i4FGxVtoJmxI_SrJpUVp5vKbWTRrnoSrb0Y2uWT0ZFzDJaKONgIp3bp-2-DFLLm3JXDcqPzo-9PSJrws10E92jTjN6iUUOCeRolkPNu-2h0GIQUQIOza-wYZmTKVOWgLOB94QE4aYTcw
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2M2ZmQ5ZTUtYmJkMy00NjU2LTgwYjYtMGZmZWM0M2NiMWRh&google_gid=CAESEFhfihHzXHPDQPVzBhSI0BE&google_cver=1&google_push=AehlK4CxdYsXt_i4FGxVtoJmxI_SrJpUVp5vKbWTRrnoSrb0Y2uWT0ZFzDJaKONgIp3bp-2-DFLLm3JXDcqPzo-9PSJrws10E92jTjN6iUUOCeRolkPNu-2h0GIQUQIOza-wYZmTKVOWgLOB94QE4aYTcw
date
Sun, 21 Aug 2022 09:22:08 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B9D3
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDal4BfW8te-ZMYKrnUWYPo&google_cver=1&google_push=AehlK4CAHnB2LWPG9WhZBCfiEyntC7rv0AU1Wce5st5M2K8l4iFdIHJqPssJ6jrCT1urTrKNRJw1h0f047WguDK-7cBBE6R6OKBpBPWTv...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CAHnB2LWPG9WhZBCfiEyntC7rv0AU1Wce5st5M2K8l4iFdIHJqPssJ6jrCT1urTrKNRJw1h0f047WguDK-7cBBE6R6OKBpBPWTvgYNp5_a0mrRKRY6ImVyOXEWUH0o6T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CAHnB2LWPG9WhZBCfiEyntC7rv0AU1Wce5st5M2K8l4iFdIHJqPssJ6jrCT1urTrKNRJw1h0f047WguDK-7cBBE6R6OKBpBPWTvgYNp5_a0mrRKRY6ImVyOXEWUH0o6Tfj7-XxbptOGF6RFtlLgQ&google_hm=NTA1OU04MDBzQkRHYTAwN0JtVU4
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4CAHnB2LWPG9WhZBCfiEyntC7rv0AU1Wce5st5M2K8l4iFdIHJqPssJ6jrCT1urTrKNRJw1h0f047WguDK-7cBBE6R6OKBpBPWTvgYNp5_a0mrRKRY6ImVyOXEWUH0o6Tfj7-XxbptOGF6RFtlLgQ&google_hm=NTA1OU04MDBzQkRHYTAwN0JtVU4
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame B9D3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DYpE7D9S0Dqk9yL1yzWh7QPlL2wPQim...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DYpE7D9S0Dqk9yL1yzWh7QPlL2wPQimORjOirlKpjzwYW39Z5edc55rN44C0jMHxH-nucvz44VOvEZrB30v9ezzJpdYbnaFmphEd6dTSBD20wmyEVMTzy0vC-gcN475tB5O1Wwa0WqjXaEKuHoZXU
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uierYwY7K4gbpp5ZFCIBsq%2FnDkUWDM6yUu3fIIYMgVzY%2BKAYBzYrsNgVx5m0tMmeoUCO%2BpQp29XO13SoDbgQGSB3FqIcPu8H%2FHz072pYRHM%2FhoiHWHKPyd9PFqPsterCs3j9AYndp0Oq4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&google_nid=index&google_push=AehlK4DYpE7D9S0Dqk9yL1yzWh7QPlL2wPQimORjOirlKpjzwYW39Z5edc55rN44C0jMHxH-nucvz44VOvEZrB30v9ezzJpdYbnaFmphEd6dTSBD20wmyEVMTzy0vC-gcN475tB5O1Wwa0WqjXaEKuHoZXU
cache-control
no-cache
cf-ray
73e24d714ed4df28-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame B9D3
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEMBEthfDFsiGpw_sJ5igdHQ&google_cver=1&google_push=AehlK4DorID-fFHFGa223QEFsaAFtfyhwIdXnRVHKK7snr8GApBxkHYJT_wda3lZSewGaKELbU2C5cBxznspwjZpU...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DorID-fFHFGa223QEFsaAFtfyhwIdXnRVHKK7snr8GApBxkHYJT_wda3lZSewGaKELbU2C5cBxznspwjZpUUeV02OZfj8pifhFuldcLmL_oZaGoVSOJBv_hECEDJw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DorID-fFHFGa223QEFsaAFtfyhwIdXnRVHKK7snr8GApBxkHYJT_wda3lZSewGaKELbU2C5cBxznspwjZpUUeV02OZfj8pifhFuldcLmL_oZaGoVSOJBv_hECEDJw2xyXIQcc5mc35wBmRhoYRM0Q&google_hm=AcZQlW1s1UmKjdA62i43OB4
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4DorID-fFHFGa223QEFsaAFtfyhwIdXnRVHKK7snr8GApBxkHYJT_wda3lZSewGaKELbU2C5cBxznspwjZpUUeV02OZfj8pifhFuldcLmL_oZaGoVSOJBv_hECEDJw2xyXIQcc5mc35wBmRhoYRM0Q&google_hm=AcZQlW1s1UmKjdA62i43OB4
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
Apache
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame B9D3
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEK1WgSDhf9lojynpKcTu7BQ&google_cver=1&google_push=AehlK4CGJYjNek65bvktFZyFZacH_TQi0CJDV3tOPpMJR_-dl92NoqnWzqINUhrKyKvzzVkO6gXU3B50AoWeu2vgTgbKxVxXW...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&mn_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CGJYjNek65bvktFZyFZacH_TQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&mn_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CGJYjNek65bvktFZyFZacH_TQi0CJDV3tOPpMJR_-dl92NoqnWzqINUhrKyKvzzVkO6gXU3B50AoWeu2vgTgbKxVxXWSnp1WV8E4mQkVmofgZUC537irpmGTfaxgYTRQdi55BUbdYaLVBQuuZEEw&gdpr=&gdpr_consent=
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&mn_hm=MzA0MDc1MzI3MTUzMDExMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CGJYjNek65bvktFZyFZacH_TQi0CJDV3tOPpMJR_-dl92NoqnWzqINUhrKyKvzzVkO6gXU3B50AoWeu2vgTgbKxVxXWSnp1WV8E4mQkVmofgZUC537irpmGTfaxgYTRQdi55BUbdYaLVBQuuZEEw&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sun, 21 Aug 2022 09:22:08 GMT
dot.gif
s0.2mdn.net/ Frame B9D3 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEJilhmmjVTAHpvblPC1j9Ic&google_cver=1&google_push=AehlK4AuEdaTAtpLVmyz_pkv3fAb40YpGSyQWGN_exO1CJHhUIOMuiNvT5_tIJQNljgVTX8MsGNbIcUI8rcZ_V3nyexKDdlfxzyZgjWSQ9Zkf4YAYgap7r6w4KTRK_ldBMOCvD0Hmqd2J04b-qmvTWcgM-w
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Aug 2022 09:22:08 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B9D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LvMv-bFTA5bTpullUQpPjySTBN9ssO1dbVwaxhXFxyLUziJix_uUUHizkLMA1bLl1sb-iwlg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img
pix.as.criteo.net/img/ Frame 338C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=72012&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F72012%2F200720%2Fa10594f6ee2a4bc0be2e555e8359e1a3_logo_n_square.png&v=3&w=236&s=GNp9mzgMW1yvFagMIUv2bVrT
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a187a330f0cc465b995180b65ef92a7bc481149aa186e83e8099fd10acc1cfe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26594282
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11078
expires
Sun, 25 Jun 2023 04:40:11 GMT
img
pix.as.criteo.net/img/ Frame 338C 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=72012&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F72012%2F220111%2Fe0667fb3f7054c05ae123f64ab9a665e_img_vertical_1.jpg&v=3&w=1200&s=hcJMXAFQCKcuSus98x8vzN6e
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
afb64c0ac0ff75a8ede1c6c9d9cd7065b3bbf7f98b7bc25ab4079aa04354414f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28777588
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
154694
expires
Thu, 20 Jul 2023 11:08:36 GMT
img
pix.as.criteo.net/img/ Frame 338C 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72012&q=80&r=0&u=https%3A%2F%2Fchefgood.com.au%2Fwp-content%2Fuploads%2F2022%2F08%2FGoogle-Shopping_meal-plans_052022_600px_EW_NG2.jpg&v=3&w=400&s=G-yq5C4U8IZ6nB_dpQ8pIuG8&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
81bece4632174e64919595df99efe1e9dd950304aefd12fd3eb08fce68f4760f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=265486
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
41964
expires
Wed, 24 Aug 2022 11:06:54 GMT
img
pix.as.criteo.net/img/ Frame 338C 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72012&q=80&r=0&u=https%3A%2F%2Fchefgood.com.au%2Fwp-content%2Fuploads%2F2022%2F08%2FGoogle-Shopping_meal-plans_072022_600px_EW_HP2.jpg&v=3&w=400&s=01vLQHQo4ni89_MKFsk80ij0&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
aacced85d906dbfbb18f27313386349b928fff5490e123037ee24f83d312363c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=265507
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
36718
expires
Wed, 24 Aug 2022 11:07:16 GMT
all
csm.as.criteo.net/ Frame 338C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=WXV1rejV9mAYiezAQiPK1zGGF5F5xuQEIxrt8DYCcna1mU0J7fXuBZlHT-sy5GV08VjRJ3mN7XsT9MFb4LDS4yEaJoqplwptXgAidEjQRi7gm8el-RVMr32fyMCGv_DPWjWT2Lfp9hHimooKfSizGDZ0_L_SkOmjt-v4NmbyRRJSavhGOl1Js4Sq2oYd5bcwrG4uSUnENFfEfok_kcb8dt3t3qwt7en8DcRb55O7PBJPtWNsmCAQlPIGfGZDjNAn3p8BvA&sds=2&rev=82471&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 09:22:07 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 338C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 09:22:08 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 338C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 09:22:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 64EF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
243567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 13:42:41 GMT
expires
Fri, 18 Aug 2023 13:42:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame DC62
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEPUbN_RykOwwp1GiH6h8Qsk&google_cver=1&google_push=AehlK4DG4VSPgwpUegbeGXD56Uas1X60wSJWxfiKLmrCfA8JTlyUWbAAzl7w6GieMXj3FYeyNfPA1TtSiYerhHlQwl3G38K4...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4DG4VSPgwpUegbeGXD56Uas1X60wSJWxfiKLmrCfA8JTlyUWbAAzl7w6GieMXj3FYeyNfPA1TtSiYerhHlQwl3G38K4H_U8UpWKDQYMR3Up9R4Yf1ZHVUnZ2ZRUtLPS0S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4DG4VSPgwpUegbeGXD56Uas1X60wSJWxfiKLmrCfA8JTlyUWbAAzl7w6GieMXj3FYeyNfPA1TtSiYerhHlQwl3G38K4H_U8UpWKDQYMR3Up9R4Yf1ZHVUnZ2ZRUtLPS0SdajjRrkkz91Q63YfM8aA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4DG4VSPgwpUegbeGXD56Uas1X60wSJWxfiKLmrCfA8JTlyUWbAAzl7w6GieMXj3FYeyNfPA1TtSiYerhHlQwl3G38K4H_U8UpWKDQYMR3Up9R4Yf1ZHVUnZ2ZRUtLPS0SdajjRrkkz91Q63YfM8aA
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DC62
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEAG0y5qwPTnV8T2GIpBbZM4&google_cver=1&google_push=AehlK4B3R1_zEN-yejLY80fue68FOjhlKMTSUBfF751YwBXjLfjzEf3fld3BX4aavNiwhtDagJcw-...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4B3R1_zEN-yejLY80fue68FOjhlKMTSUBfF751YwBXjLfjzEf3fld3BX4aavNiwhtDagJcw-kk7SmmuNbTEht9JkvNMRyvuNIiTFOmNpiAa0IJZOHmNDmvzDpUn2p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4B3R1_zEN-yejLY80fue68FOjhlKMTSUBfF751YwBXjLfjzEf3fld3BX4aavNiwhtDagJcw-kk7SmmuNbTEht9JkvNMRyvuNIiTFOmNpiAa0IJZOHmNDmvzDpUn2pTxQz4ebl93mBYGpF4zZ7s0zew&google_hm=SWhxQWRPSG5idGdNQlFzZ2tsalRIZVZNclQ0&from_google=sp1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4B3R1_zEN-yejLY80fue68FOjhlKMTSUBfF751YwBXjLfjzEf3fld3BX4aavNiwhtDagJcw-kk7SmmuNbTEht9JkvNMRyvuNIiTFOmNpiAa0IJZOHmNDmvzDpUn2pTxQz4ebl93mBYGpF4zZ7s0zew&google_hm=SWhxQWRPSG5idGdNQlFzZ2tsalRIZVZNclQ0&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame DC62
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIN33tDtydpIxJifAXnJC54&google_cver=1&google_push=AehlK4BnvHmHCIWyPQ7J4WRwWgHPkWaeCJ-GadpSc0ftlLdzRC9GpZ36Kx5Bfao16nokz8Q3V5kgJ1XPYrdytd8US2cLGYA...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BnvHmHCIWyPQ7J4WRwWgHPkWaeCJ-GadpSc0ftlLdzRC9GpZ36Kx5Bfao16nokz8Q3V5kgJ1XPYrdytd8US2cLGYAp1ciFnhXJ1pc54V3JPwihkSjvS0XutqxMn4E0z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BnvHmHCIWyPQ7J4WRwWgHPkWaeCJ-GadpSc0ftlLdzRC9GpZ36Kx5Bfao16nokz8Q3V5kgJ1XPYrdytd8US2cLGYAp1ciFnhXJ1pc54V3JPwihkSjvS0XutqxMn4E0zlbRNGr0BKAbwmzs_-uUMw&google_hm=MjE2Nzk0MjgxMzgzNTgzNjg0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Aug 2022 09:22:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BnvHmHCIWyPQ7J4WRwWgHPkWaeCJ-GadpSc0ftlLdzRC9GpZ36Kx5Bfao16nokz8Q3V5kgJ1XPYrdytd8US2cLGYAp1ciFnhXJ1pc54V3JPwihkSjvS0XutqxMn4E0zlbRNGr0BKAbwmzs_-uUMw&google_hm=MjE2Nzk0MjgxMzgzNTgzNjg0Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame DC62
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENha-KOU19oZNpsboZLtmMA&google_cver=1&google_push=AehlK4Ag3qRkL34S9XjBCli170M0vTwC-N4vnV6K_NOfLEZL_T1yANAnDgpNS35GuzIsv-oy4XPlr6fqyZ8rIqo8mu...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4Ag3qRkL34S9XjBCli170M0vTwC-N4vnV6K_NOfLEZL_T1yANAnDgpNS35GuzIsv-oy4XPlr6fqyZ8rIqo8mu9c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4Ag3qRkL34S9XjBCli170M0vTwC-N4vnV6K_NOfLEZL_T1yANAnDgpNS35GuzIsv-oy4XPlr6fqyZ8rIqo8mu9cumKw4CDlEC1SXXlyG-W8pziXg36zs6rlZ6Ap0fa6gUZrb8vVqtO4d1Afmqj87A0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4Ag3qRkL34S9XjBCli170M0vTwC-N4vnV6K_NOfLEZL_T1yANAnDgpNS35GuzIsv-oy4XPlr6fqyZ8rIqo8mu9cumKw4CDlEC1SXXlyG-W8pziXg36zs6rlZ6Ap0fa6gUZrb8vVqtO4d1Afmqj87A0
Date
Sun, 21 Aug 2022 09:22:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DC62
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJK3yuSmshtoq8nSpU-7eng&google_cver=1&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqT...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJK3yuSmshtoq8nSpU-7eng%26google_cver%3D1%26google_push%3DAehlK4C9iPR38ZALGZXzW-...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1908240396760235712&exchange=193&google_gid=CAESEJK3yuSmshtoq8nSpU-7eng&google_cver=1&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERN...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8Pq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqTGGbrHQPFtffZMEkmOfFnfVdrJP-qLW2IHF3ilzSGcUWFdAJAGnUIdr4j1ASx40FQxPq6gI-VHnI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE5MDgyNDAzOTY3NjAyMzU3MTI&google_push=AehlK4C9iPR38ZALGZXzW-FCH-1iO-fcIhWGuxdeOJzOrH9NTERNTIkrmMGxijeq70dOx9OrmlQB8PqTGGbrHQPFtffZMEkmOfFnfVdrJP-qLW2IHF3ilzSGcUWFdAJAGnUIdr4j1ASx40FQxPq6gI-VHnI
Date
Sun, 21 Aug 2022 09:22:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DC62
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEFTdbD5L__aSo01KjQMvF_A&google_cver=1&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSx...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEFTdbD5L__aSo01KjQMvF_A&google_cver=1&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSx...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSxXJ7rATAZZQUVX2jynJ2TPzpMwvqG2bUNsOx-UnccMZwRCFzUAF29URvakLR1jM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSxXJ7rATAZZQUVX2jynJ2TPzpMwvqG2bUNsOx-UnccMZwRCFzUAF29URvakLR1jMg1F7OClX0JiOEXotky2zbiDl0vjGo&google_hm=OE4xcEpFNkFKT3k=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:09 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4BnB36gpFGikCBh5fMnWD5FZQhkyShIb8YHCqOg9MaP5yBgIsRYwIzAcfSxXJ7rATAZZQUVX2jynJ2TPzpMwvqG2bUNsOx-UnccMZwRCFzUAF29URvakLR1jMg1F7OClX0JiOEXotky2zbiDl0vjGo&google_hm=OE4xcEpFNkFKT3k=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
/
onetag-sys.com/match/ Frame DC62
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1&google_push=AehlK4AALU4rikSLJ49tBdzWgsKf2Nh899aXEQ0GkvJ0U_W_-rJcnR73WuCo436qUXxG8Gvtcf7lPlNeJq4...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1j9Sr7X2wFshs2awltfyWlgd5QkEVxQ&google_push=AehlK4AALU4rikSLJ49tBdzWgsKf2Nh899aXEQ0GkvJ0U_W_-rJcnR73WuCo436qUXxG8Gvtcf7lPlNeJq...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DC62 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J21ADkGOhw1mrSNAsefj1zabEGQEzx-qETFsaFDeiDEte3havBff_-zbuWMmIioHDbpBwiA0c_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 844F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
css
fonts.googleapis.com/ Frame 338C 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
76c183c04077fce70fc2db1992cb7c178c323d5a9ba54300fa3d773b50e2a1af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 09:22:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 09:22:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 09:22:08 GMT
truncated
/ Frame 8FCC 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8FCC 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8FCC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 8FCC 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5308&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7Q12zzQUMhJ9Ad5NcSq0H4QANFJ-9iKylkvIFO3OR_D7dMEAPP7otv1VU8mFKcobUYrPUjUOg_n_6wsEKZFgw1NnDj1LpNQYam&cme=kjIvkcxpcoRdQCdVY2q6hqPQE30BOeNrssg_I7BtYP6udBJ05ipDMBRDnsvcLdDjLxlUGZ5QFIkmVDTNh775h1ze69sb4A8isR3krGaoUSWNr0V3gs-IxaMV01HOUuHA8UiEegGYI70A5CnJNG_AHqAS7cjaITxyCMu5FXJt2cBEsLomTKqJm4MOo-ZUXG8gZU7tOzGEyomfqTuOJ8z86drD-_LLXaE5%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Cxrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CUxNqWO2f2BNCaGtN-XP5CRQASumm8AibQ0IHXja4TSIgKEQQlRyOvH7Uq9dCbCnJC29hLG8eZtFFAzTnBX0dmvR_AHZ_B7qUwLvvv3da-UeY4hJbUKUGBn_NS9rP-6_VCxxJ_Gx7tvJwebSDbliYcb0vXmeoZ_R8QFPYSbmZ7fQ5d32NMivQucvBoX-bLrtUjC127y9bYTJR3eEXTdg396xT2T9_UwCiTotZRMNrg-8%3D%7C&v=1&geo=-37.81%7C144.96&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721327&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.50%7C63%3D0.32%7C66%3D0.23%7C60%3D0.29%7C62%3D1.74%7C10%3D3.98%7C1%3D0.46%7Cps%3D0.971%7C3%3D0.08%7C4%3D4.55&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.60%7C63%3D0.32%7C66%3D0.82%7C60%3D0.36%7C62%3D1.22%7C10%3D3.98%7C1%3D0.37%7Cps%3D0.971%7C3%3D0.39%7C4%3D5.00&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=340189069&kbc2[]=1%3D0.26%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.35%7C63%3D0.32%7C66%3D0.98%7C60%3D0.26%7C62%3D1.07%7C10%3D3.98%7Cps%3D0.562%7C3%3D0.25%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=27190006&kbc2[]=1%3D0.69%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.27%7C63%3D0.32%7C66%3D0.82%7C60%3D0.69%7C62%3D1.34%7C10%3D3.98%7Cps%3D0.562%7C3%3D0.57%7C4%3D5.00&ktd[]=1126174818435328&ktrkt[]=Stocks+To+Invest+In&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=324879789&kbc2[]=1%3D0.43%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.62%7C63%3D0.32%7C66%3D0.82%7C60%3D0.36%7C62%3D0.72%7C10%3D3.98%7Cps%3D0.562%7C3%3D0.15%7C4%3D5.00&ktd[]=1126174818435328&ktrkt[]=Best+Bank+for+a+Savings+Account&cid=8CUABW64L&vwid=1661073727527117685&vi=1661073727527117685&tdAdd[]=ib%3D0&vsid=3040753271530168&tdAdd[]=asnum%3D140952&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=781&vgd_l3_sc=VIC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=holmesmind.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721327&vgd_nrrv=1219&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=melbourne&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1661073727176305376&sttm=1661073727771&upk=1661073728.23647&hvsid=00001661073727771017418153016934&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D140952&&vgd_vstrid=3040753271530168&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvX9W~ONfvu~QNOve8N~eM1QzvuH9iXf~ejfLMQOvf9ff9Wfu9A~8xLjMGvFAhhX.Xu~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uX~8Evu_b76F~kGGv9~e8QMxLjMjvH9~L88Ex1vu9H%2Cu9H~J7vuW~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wfu9H~e8QMGvuHW.FA~xLjMGv9.9f~xLjM7e8vf9iX~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBARx3OD40Qzw8%3DL~G7OvuXhHihXiXHW9uiFh9uXfXAXX9fHhhXWiHfh9AuAFWuHWfhHufiuHXufuWifihWhAhhiHhhAhhuFWuhiF~OfEMjvh9~AENkvu~x8Yv9~myMYQwv9.9u~OYYMQ7Lyvw1LYmz5~OfEMGv9.Wi~myOfEMGv9.Wi~exLjMGv9.9i~QQvIK~x8Bvou~NJv9~LEQMGvf9.X~exLjMjvX9~%3DVvfhfA~z7QvA~7Gvou~N7vYJjGmxLzJ~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.Fu~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.if~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uH~OYYvw1LYmz5~Qx8Ov%3DK4b445M-6OGUyZs6EZHoCbhWVB~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvOJk1xj7~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.iiXuFif4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=289&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=VIC&vgd_l1rhst=contextual.media.net&hvsid=00001661073727771017418153016934&subBdr=186&bdrid=4&rc=0&rand=1661073728241&acid=72f6917fa1ad4dcc8726d469b58c78b6&matm=1661073728241&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=1352&vgd_rtime=1348&vgd_etm=13&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2795&vgd_pgid=p0652265294t202208210922&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-rzk2q.SG&vgd_sbSup=1&vgd_nrrs=1219&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fadx.holmesmind.com%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sun, 21 Aug 2022 09:22:08 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=31601
content-length
15
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 64EF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 Aug 2022 09:22:08 GMT
index.html
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		86 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0a05de643ac8c608138f3eda57b0efb0d59285892f4e2f26840f50abdc26fd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
301023
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20029
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 21:45:05 GMT
expires
Thu, 17 Aug 2023 21:45:05 GMT
last-modified
Fri, 13 May 2022 01:12:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B610 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssg7-wpeR0l6ou1T4sThU5IuL7znJBdDHW5sO4ZXLCKbK1n-GvieYBA6SwwlG8wFJrojjT-fhzFh29uNaOjeYzQd81Oe2GlKKO_xK3spqvmkY4Hy7g1BVlo9S25mwd-Nlg_fLCOb5dzu4Jc7e__e0s0Mo8Jv02UiQwnD51wkQhPrM0CJQGWiRBxWo_fnTYNACJOvhoYD5MdD3XWlDrogO377YynEH4VzfWjnuT1Bx-30Ls1OXlRlaqyMyX7dlfabe_n1PfHDZ1ET8Wtr77UCljZ_9HiXLs65PozsJkluxhGsXu6vlit1zm45zN3OTFFVajf_Bj3S6zTnFNh6N-Ff3PTvDF-R5AUGqHoFkE8TfYWILAQcQL22_ehhE04dY3PRaOSkQCN3UrHlljogzTLpkFS59jCivh6OvxYIZTkUTzSc8vXZDPsnLDEyRG_bUbxu2KZlJJAsvFdQ1UDhHzq5BP4M8nwk29U1Cq1HffMCAexF5kn35_v2e6CA9sl9N2nqhK_FZWp4FWTz8ivQDgk8CLfyP2HgGZRBzpYZPBzHSNOne8UkUH8b8ALmWV1KTgDFgkzc4SYL8oDdGcGs_BbiGgvLqoOirtGqDcVF1oPgZergTuUV2-QyKBr4D3hGcav9NRk4NZFJ3Oc1UadFIdLyzyBgJ80HKVfqJoozbtKlNif0fJ3QXK_P9Vl1mgQg-Vo6lmZ1gCxqiNqWm2r1vrCCASpYqTOyxuJd5tgJP_triluTC2QMWkExmOcDZQVG0JbxUQCB6yeefrehXTBDcod5fPw2s9Pfko4raxJ4QtpODCdcYfmnUS-eSDB-5Mfg8JesUMqL6es66AfX5HT_YeIX2c5S3UsIRYtwDMv2RYcNhedCnCxidbvpdayZJwzohCQ9_OQz-9M5WY-Ezj_BCA4pv-9s0mnLllN2TAawy1nBoPQ1aS7RRxyF08PK4Clw0fAqvfqvibG3DfyD9J8SvSS_vX1kbbG48OZWPo2bTjH-V-_lYo8kfcKTcR3OWxUYto7YU3N3NlVXoMIkFv_eDLjixHMmYl45gfZDajvdMkVBriOiAAMaGTjvCcx_AZ55f1qD2dPKEJBV37Y5CbQ1-Ey_AhHwhf90YqmWJuRSFwvHZ70fcxrGW9C6U2znu_zr3Z-8mDTC00w60FdRGc6qThDBqjbr56tuJhptcmdvAm4A3bFQdZ7rv3LxNoLZ2KpVNxWNeAVVX2DM446nBo0jO6ymo_tERgMDqZDYUW5BnCHQuI29TR6uBRP&sai=AMfl-YQdSY3QhIEOwlhDTiRkcsvzBQSLeGK8fn6EV23hkVLIsO6l1md9Jw5-LLW-Nqy067-ggQDhwj1B1ZReW-WKWGEOA_BLZEx1p3jgIKPe-Q7Bcajc_tOw7ohn6S-_kTy-wwGalKQWPVIELI7UCs4T5ZLWPuNNQKEOrWJN0IizmCKQfVVas0Gssh2IOIg6SeZO3iobg7jdjYscx8e22t83zwfx&sig=Cg0ArKJSzMrSOBsjJ7DaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=743&cbvp=1&cstd=739&cisv=r20220817.36707&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 21 Aug 2022 09:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame B610 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:09 GMT
Server
MMBD/3.361.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x73, hkg-bidder-x98
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 21 Aug 2022 09:22:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 844F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bnt-jP_kBY9iSEs-avwSOk6KQDAAAAAA4AeAEAg&bg=!RkWlRQHNAAYUOm8VNDo7ACkAdvg8Wjkc9A2w6JpvH6nzGJw1bN1oHYOwRB_UUaTrGMJmj_x3hkRDngIAAABVUgAAAAFoAQcKAEAX5ppPaSN0GeeCwMCLiDQrlqBOVk2VRVuX1XfObqFq1XXtv12H8ks0ffWN1U-T5A1hZ8em9qm8qJIeW1rGGFuEmQLnKSzvogjBtSkkn0vf8NhzSnYS9LziHTvbrbHmEe7R4P9BXerPoonwbFPTNacxyUgvpDPRg0-NuS8yxJxRCE0HuMQRKaUpHa18WuhU3c6Mq4OdlRnZrXBW3-H1khGBY5H-Vix-UeLCFJ7A8ay5bu9_clUOM-RS5Dq_kZ2A2oYQ8OgVWtrxMStWSVYrStO2U-HI1NzMjM5Em1llsPqcC8emuqLGtMLGSLYVq5y9UBGnM0T19ASeKpGcnbgeNVGNhejsP8wEy0Bg0LUNDT1OszQ-ILdDytYspPpEyDkLui8ruEiGFpGxT12eBH0MLpqGFM3dEa3HoMB0NVy6APEuAgpwMdxQzLrJ49sa771HEEYhBR-0s_AJ43ferbIj-wm1qAuZ4fJxuKSY7rizup0JETGXn_v2btJ6HE87L-6fCbXKt7rFrDIXtkVXZ9YS1FIrk4aywtkLH5YX0jLMeOQ5tQDW0aY-3o-_FJyRBbMWCovyzOTaswqRp28MIXPmNbs9uuruer5Gj78ORsJxwHzXh_ItUBiPypjWAWKC_dVrnjKLWzzg0RwmPdIjQ5rTyV2nrwxakM5hZckMbjt18mzdvjq5mg986zgKZYjAxqAi9TKa5ZIo6kHIK_K4A-ASu4fIPxxyudjFNHVk8_n5oeaA9-qrsdTECtjwJlxp17jVas_1Qg7aomXl01Xr6aOFwSWUsfuugVG21pdgQLOOiGfWe8GSnmlflP7BqcGsOwDU1gtuBItcpMVi29hJi0m-sE1eEquiTlP8lCTqzJELe33vO9jZVq0ce54njs7RtKECAqALumyk3Obij09AaHy7Zj8IYZ434ANDYVAXWg5NkaxdwFdHWZUWGfAPZImpbdMqMzfCqMPZai3vgmfW-rs8HicMtMftljVJaNyy7jAelygCm3fPyqfil9OvhyuzqnQTzzeFlZ-HO5t0ef86yZtm_rpoyW9Sxpm6u5DOyeVqH2HS-3mqkczsYX32t2o
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		85 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
09fe3a339dce9f0599a961a0562139acac9160b7617f912704f9a9d794263c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
291231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20005
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 00:28:17 GMT
expires
Fri, 18 Aug 2023 00:28:17 GMT
last-modified
Fri, 13 May 2022 01:13:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D21B 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDUb_VaQEFBr3e593FykgrLeb8SJ4CtOoMh4vvi_yJ_UPJzsXZdGAIGBMItDpp_WQoRT2pqm5q3z67-ozRtYaiDe2Zqgb5EzlEMyZPBihLTToP51lV9k2rayPjBPQSAijz-JjnOOLDkHO_JhIBveGjW2bneJjRTJoKPbYQGyrnXZ9gQ1jTbUt4ngFQwzbnK4_po1e_Ws6Ju5dq2H-tSSIluqNRr6w3jC5yZxsRE0td08Ke2Gbh7Btt6TniX_nXXjWACElsLhrnuzu2qv4xmFjofZzh2UyjvMLZGrfoU9fIStCfpjEi_Qi3QI6u4UMBROCib0G3lBc66bechFihszguK6XZCrUiBc0FVUtmAfSiqAz6L4BD72iV5tauYjuuCo0MR8Vb2XafuKdfvd6n9bFwQZyrwLy9BeUJdWvqDH5WxmTuVVEAImfVt4LHbclAlfXlnqVo4Hhmo6y0BxTHdZysCKK27hHnq1Sf5Ccl5IzhsHGnPFe8ue7SgB5TiVWmCaXd2jzov9usUlvHc-z-27X2Gp-kduizb2oXSjyGMZVPlFuO1lXfPYGsFAw3tNIt0R3BfFqGLKUcw7iN9alXlDQAAqjfdHnwTRJ-GNd8W3JaazvgYSg31bgpClsoRycZMCrK7hn6AaOAiUe_LHjcR0yRxb-FsxDLwlMNe_upuXWAjZkNvzueQp2tdWSILxmoahnjPi3j7BHyQ-u-QKpa6Ocy2Wkc_ctfDF3axdHFvSChK9IHGLWxZBvSKPrVxC91BAFPWI8newQJtNxRy5hNLgxh3zbnjXE08a5coDjrPhcihE6LGkC8DAHFEVKNgWcBATqh8K0B2r6EGq5z2eivrdXgl7-S95Gu3oTKi_QFQCxb9AlrFPhJulsyvvvJ_bYRVDB4pa4pOMQDQKv2yw_HVGKR_QFxHaB8KR1DEz9MivHEvLo5abpYVddbUJhym9nnTu2j2bm3CYCIjBDMfKAmged-3chqUk6U3zd1TaRR2ki55GlXKuoLd9FvS5xTQeh65zgb-AG45_5YW-BHbtxdn3FJftQt0ck57ALnFZbOtL3awR4FRB7G27jWiNKkBYt7PJokliBvplP4pEcuWsuvxmZrY7Afo8uP4Qzfr887-XC3VB1jJXP6hFtE_S7OW-BPantVOJBv1smhOXAPhB5pG7pahcnQCr6kaU_4ZgJ53ZMIEeZAK8kswPN8njCTd04_StlAh1AsbiDM_BRCjhaGRh7hPdTiCMWmQ7XDYg6RrL1tnnQh_mhCgnk&sai=AMfl-YSxpPImvhXPmSRmq6P97_3tj1buR6PO3PY4aClGs39QWxg12XFCTaRHL36x6PuFl0bSz0NaAnEdMHLF4aIPsrzn1QDT1oAGUjCBjiJNeXtYu88hai-ar4U30z9LD0UhCgDyAdhmb6pPW_Q1IGsPUqkjjWgU4C_ZOjlApEeaihHPC6rRDVRuzNWoVsyLqIOkgZR-EwkCfrIIl_B4ATmw7mqG&sig=Cg0ArKJSzE8Jo32vYuHBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=818&cbvp=1&cstd=816&cisv=r20220817.26439&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 21 Aug 2022 09:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame D21B 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:09 GMT
Server
MMBD/3.361.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x77, hkg-bidder-x120
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 21 Aug 2022 09:22:08 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 26B2 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 16:08:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpChsP_kBY5HzEoLyvASClZ_oCwAAAAA4AeAEAg&bg=!6-il6KzNAAYUOm8VNDo7ACkAdvg8Wv3TqUXmTzxAuVriYy1xvJsEwpwaAvHgAYU-g8iIACuNqkRiKQIAAAB5UgAAAANoAQeZAuVeNc6ajqIsnWZyvMMX_dOk9tCiFMYVepQCudacogPN1FqPpeAepkX-YOOhv-uMefT49_3BXHrhmH4k6eZNmuBcJCuKn3W6M0qytXWA8cmXROSXCPqdEmr4SVzAfPR7e8Fbou99UwnfSBjonEg47qYh_R1Nnr6m1JfR662rPhlIDuER_kHPiuu13GqsI5-YIp3jw0s93eq8nCsE8OZQCKN35aFaDwlamvyKelhdnPnzDDP8JDPbJf35W7v8izJxGW8zjUAeDlDyra4ahHJet4XbUq-VoFlcesdGzW0ijGuSgCxwqipfu1tTuMHtY7ERaZCwjaDQwzvTVzNpHxG0k2GkRVohdJBYhdkeeFlD298AsJGmUPknWwQeYWzfjS1_WAeo_UXNxHKbQFVVDUTDyZhxgCg_qJ-e-9O8oMizRlPFbmGh1uF0S_-vk8MBz73Zq1XZxRoe3_KWHIRRJvMpZjIP5irUlT10inEAhs7pXJp1xQ8Raj9PLGsB5BJF_Fx2_eY_mNI6FI63f-dpEqn-NiDe02GpMA2k_MJURbPVJ7y0b1we1kBT1OccNgRpd7Bd3wOgvKNnUxUqQQKpCC21Q485KWEDIkj9nFEWHMDN-oWLUueTpA2XK4SLLH2i3n-WdD4wUke1Ny3cE_Yyuo6WJ0l8KN-oBJGHE8d-t8Z0_PlaS0CRPQ4GEybn0lt98NOkfTIJUbs35_9cSMN_3hewMSa3NP7BX7Slc1uw9rF7_uKTGiVN3EKCnN7pg6Qa0B3voeUNLOA-UeV-zXKMZpvSwJg_wzoPBHS1k2axNYh1icIKRfre79vicEA-vDmJ0b3eAtq95jtlGjej-u1t8DcAwYjefoP94svgm30Nd0_ymZv8nzyv3SrRKXKUs0Sk6_AUjTbG7lGAUQu2au1s5VmbI-3s1ql5Mb-rQDAnMswuaq6yeJebU1safYjvGtoh_LXfN8eWf5nQOx1WlF5DpxfLsf4xlYIAepc
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame A40D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 16:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 16:08:16 GMT
truncated
/ Frame A945 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88c986111a2c9a7d3c850c287bfed80bc469d593de7769fc6cd8eaf698a4220c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 09A5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
4cad284af8a652ca54f297d9301d7aaf0f4d9516bfe07b50ec195cd69f89f96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11101
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 338C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 09:29:28 GMT
x-content-type-options
nosniff
age
258761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 09:29:28 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 338C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:43:02 GMT
x-content-type-options
nosniff
age
304747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:43:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 338C 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:04:42 GMT
x-content-type-options
nosniff
age
235047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 16:04:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B610 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssg7-wpeR0l6ou1T4sThU5IuL7znJBdDHW5sO4ZXLCKbK1n-GvieYBA6SwwlG8wFJrojjT-fhzFh29uNaOjeYzQd81Oe2GlKKO_xK3spqvmkY4Hy7g1BVlo9S25mwd-Nlg_fLCOb5dzu4Jc7e__e0s0Mo8Jv02UiQwnD51wkQhPrM0CJQGWiRBxWo_fnTYNACJOvhoYD5MdD3XWlDrogO377YynEH4VzfWjnuT1Bx-30Ls1OXlRlaqyMyX7dlfabe_n1PfHDZ1ET8Wtr77UCljZ_9HiXLs65PozsJkluxhGsXu6vlit1zm45zN3OTFFVajf_Bj3S6zTnFNh6N-Ff3PTvDF-R5AUGqHoFkE8TfYWILAQcQL22_ehhE04dY3PRaOSkQCN3UrHlljogzTLpkFS59jCivh6OvxYIZTkUTzSc8vXZDPsnLDEyRG_bUbxu2KZlJJAsvFdQ1UDhHzq5BP4M8nwk29U1Cq1HffMCAexF5kn35_v2e6CA9sl9N2nqhK_FZWp4FWTz8ivQDgk8CLfyP2HgGZRBzpYZPBzHSNOne8UkUH8b8ALmWV1KTgDFgkzc4SYL8oDdGcGs_BbiGgvLqoOirtGqDcVF1oPgZergTuUV2-QyKBr4D3hGcav9NRk4NZFJ3Oc1UadFIdLyzyBgJ80HKVfqJoozbtKlNif0fJ3QXK_P9Vl1mgQg-Vo6lmZ1gCxqiNqWm2r1vrCCASpYqTOyxuJd5tgJP_triluTC2QMWkExmOcDZQVG0JbxUQCB6yeefrehXTBDcod5fPw2s9Pfko4raxJ4QtpODCdcYfmnUS-eSDB-5Mfg8JesUMqL6es66AfX5HT_YeIX2c5S3UsIRYtwDMv2RYcNhedCnCxidbvpdayZJwzohCQ9_OQz-9M5WY-Ezj_BCA4pv-9s0mnLllN2TAawy1nBoPQ1aS7RRxyF08PK4Clw0fAqvfqvibG3DfyD9J8SvSS_vX1kbbG48OZWPo2bTjH-V-_lYo8kfcKTcR3OWxUYto7YU3N3NlVXoMIkFv_eDLjixHMmYl45gfZDajvdMkVBriOiAAMaGTjvCcx_AZ55f1qD2dPKEJBV37Y5CbQ1-Ey_AhHwhf90YqmWJuRSFwvHZ70fcxrGW9C6U2znu_zr3Z-8mDTC00w60FdRGc6qThDBqjbr56tuJhptcmdvAm4A3bFQdZ7rv3LxNoLZ2KpVNxWNeAVVX2DM446nBo0jO6ymo_tERgMDqZDYUW5BnCHQuI29TR6uBRP&sai=AMfl-YQdSY3QhIEOwlhDTiRkcsvzBQSLeGK8fn6EV23hkVLIsO6l1md9Jw5-LLW-Nqy067-ggQDhwj1B1ZReW-WKWGEOA_BLZEx1p3jgIKPe-Q7Bcajc_tOw7ohn6S-_kTy-wwGalKQWPVIELI7UCs4T5ZLWPuNNQKEOrWJN0IizmCKQfVVas0Gssh2IOIg6SeZO3iobg7jdjYscx8e22t83zwfx&sig=Cg0ArKJSzMrSOBsjJ7DaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1200&vt=11&dtpt=457&dett=3&cstd=739&cisv=r20220817.36707&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Disclaimer.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		225 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Disclaimer.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 18:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225531
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29254
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 18:43:17 GMT
sam_img1.png
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/sam_img1.png
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
11e824e773da306f35ebfbc341f1437af0eed1167dbe4053c6e68dfc0bbf1beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 01:03:45 GMT
x-content-type-options
nosniff
age
289103
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49740
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 01:03:45 GMT
sam_img2.png
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/sam_img2.png
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
5f8947828d20f8ab59e7c5e277ded685a0b701d5578ef9a969baeba8ed66415a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 06:58:12 GMT
x-content-type-options
nosniff
age
267836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52382
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 06:58:12 GMT
Samuel_1.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		44 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Samuel_1.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e218093a3e8d994d337993a3f5243d26eaecbce21b7aaed2a8eb10c88b309e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 04:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12052
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 04:18:00 GMT
Samuel2.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		40 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Samuel2.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
344e02c0e49e58ad7c4726c954b00243760f2301e49f004d008f494a89510710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 11:00:13 GMT
CTA.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/CTA.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 18:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225531
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3171
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 18:43:17 GMT
Frame3.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 26B2 		34 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Frame3.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 23:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296175
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10826
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 23:05:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 09A5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D21B 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDUb_VaQEFBr3e593FykgrLeb8SJ4CtOoMh4vvi_yJ_UPJzsXZdGAIGBMItDpp_WQoRT2pqm5q3z67-ozRtYaiDe2Zqgb5EzlEMyZPBihLTToP51lV9k2rayPjBPQSAijz-JjnOOLDkHO_JhIBveGjW2bneJjRTJoKPbYQGyrnXZ9gQ1jTbUt4ngFQwzbnK4_po1e_Ws6Ju5dq2H-tSSIluqNRr6w3jC5yZxsRE0td08Ke2Gbh7Btt6TniX_nXXjWACElsLhrnuzu2qv4xmFjofZzh2UyjvMLZGrfoU9fIStCfpjEi_Qi3QI6u4UMBROCib0G3lBc66bechFihszguK6XZCrUiBc0FVUtmAfSiqAz6L4BD72iV5tauYjuuCo0MR8Vb2XafuKdfvd6n9bFwQZyrwLy9BeUJdWvqDH5WxmTuVVEAImfVt4LHbclAlfXlnqVo4Hhmo6y0BxTHdZysCKK27hHnq1Sf5Ccl5IzhsHGnPFe8ue7SgB5TiVWmCaXd2jzov9usUlvHc-z-27X2Gp-kduizb2oXSjyGMZVPlFuO1lXfPYGsFAw3tNIt0R3BfFqGLKUcw7iN9alXlDQAAqjfdHnwTRJ-GNd8W3JaazvgYSg31bgpClsoRycZMCrK7hn6AaOAiUe_LHjcR0yRxb-FsxDLwlMNe_upuXWAjZkNvzueQp2tdWSILxmoahnjPi3j7BHyQ-u-QKpa6Ocy2Wkc_ctfDF3axdHFvSChK9IHGLWxZBvSKPrVxC91BAFPWI8newQJtNxRy5hNLgxh3zbnjXE08a5coDjrPhcihE6LGkC8DAHFEVKNgWcBATqh8K0B2r6EGq5z2eivrdXgl7-S95Gu3oTKi_QFQCxb9AlrFPhJulsyvvvJ_bYRVDB4pa4pOMQDQKv2yw_HVGKR_QFxHaB8KR1DEz9MivHEvLo5abpYVddbUJhym9nnTu2j2bm3CYCIjBDMfKAmged-3chqUk6U3zd1TaRR2ki55GlXKuoLd9FvS5xTQeh65zgb-AG45_5YW-BHbtxdn3FJftQt0ck57ALnFZbOtL3awR4FRB7G27jWiNKkBYt7PJokliBvplP4pEcuWsuvxmZrY7Afo8uP4Qzfr887-XC3VB1jJXP6hFtE_S7OW-BPantVOJBv1smhOXAPhB5pG7pahcnQCr6kaU_4ZgJ53ZMIEeZAK8kswPN8njCTd04_StlAh1AsbiDM_BRCjhaGRh7hPdTiCMWmQ7XDYg6RrL1tnnQh_mhCgnk&sai=AMfl-YSxpPImvhXPmSRmq6P97_3tj1buR6PO3PY4aClGs39QWxg12XFCTaRHL36x6PuFl0bSz0NaAnEdMHLF4aIPsrzn1QDT1oAGUjCBjiJNeXtYu88hai-ar4U30z9LD0UhCgDyAdhmb6pPW_Q1IGsPUqkjjWgU4C_ZOjlApEeaihHPC6rRDVRuzNWoVsyLqIOkgZR-EwkCfrIIl_B4ATmw7mqG&sig=Cg0ArKJSzE8Jo32vYuHBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1251&vt=11&dtpt=433&dett=3&cstd=816&cisv=r20220817.26439&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
log
hblg.media.net/ Frame 3176 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=u4_xHlUMQYOeVMC95FypUw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.9951692E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=20.0&adj0=0.0&tmax=300&s_ip=74.125.190.134&adj2=0.0&adj1=0.0&feedback_id=u4_xHlUMQYOeVMC95FypUw&adtypes=0&mx_aabpc=0&reqid=u4_xHlUMQYOeVMC95FypUw&sc=AU-VIC&sd=1&mowxReqId=72f6917fa1ad4dcc8726d469b58c78b6_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1661073726575&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-35-25&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=72f6917fa1ad4dcc8726d469b58c78b6&actltime=26&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.014&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEEy_xJdbkgGFJpG4-KS78Iw&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661074326829&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.014&pvdTmax=255&ltime=26.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=37145514735832_2103959400_52982010441&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=31&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-7br45&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-21+09%3A22%3A06&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7Ay8pXmFMbDevGumLLjgbutC8ZMKsa9BJFQjVPpR1uE6EJO07DKrbfLmyNO0GrjUz9&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-rzk2q.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D508~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022082103~iurl_b%3D63775.51~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.15~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D40~riipua%3D104%2C104~et%3D18~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082104~vis_b%3D148.63~url_b%3D0.02~url_tvi%3D2095~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw3BuYdREPsnhiCr~btd%3D15749759548019670152535502477589427031368148274129145121892978737794773771681796~d2p_l%3D70~3pcf%3D1~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.89~ogd2p_b%3D0.89~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D20.5~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dmelbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.61~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.92~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESEEy_xJdbkgGFJpG4-KS78Iw%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9951692E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=1197&sf=0&cpr=0.23446276206459915&evttyp=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073726109&bpp=12&bdt=204&idt=281&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2046385784113&frm=8&ife=1&pv=2&ga_vid=634845367.1661073726&ga_sid=1661073726&ga_hid=1233797374&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911&oid=2&pvsid=3639896759784101&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.phs3nki1tki&fsb=1&dtd=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 21 Aug 2022 09:22:09 GMT
disclaimer_common.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		224 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/disclaimer_common.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36700
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 00:28:17 GMT
sam_img1.png
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam_img1.png
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
4afac04c5fd0b8d418ba0f07626755756e3d1808cbd0f1d436a103ddfaf444ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 18:41:45 GMT
x-content-type-options
nosniff
age
225624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25436
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 18:41:45 GMT
sam_img2.png
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam_img2.png
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
42406888614f5578e2585d3a467f266f367f688782c680b0f50c71c13639707c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:28:17 GMT
x-content-type-options
nosniff
age
291232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26812
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 00:28:17 GMT
sam1.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		44 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam1.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bfbe4083cd7f48a312e81db70959942348412dea1900bb643fc715e5c04d09df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253285
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11539
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 11:00:44 GMT
sam2.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		40 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam2.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
dd98325b703df4f13c3a2ebcb93a7726270304b854afc75f4d5dfe5f27852937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13263
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 04:02:52 GMT
cta_common.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/cta_common.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3188
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 00:28:17 GMT
frame3_common.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame A40D 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/frame3_common.svg
Requested by
Host: 27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 01:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285868
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10443
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 01:57:41 GMT
truncated
/ Frame D23E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b467d542a2d8664e6eef3a76d86d61d96b5af84fcb50e8a23b474521d8afd877

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3176 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d9fe5d575b54eb27c1d32effb8b2c365bd4006c0c032d24bfcbe232e3ea5bef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
all
csm.as.criteo.net/ Frame 338C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=WXV1rejV9mAYiezAQiPK1zGGF5F5xuQEIxrt8DYCcna1mU0J7fXuBZlHT-sy5GV08VjRJ3mN7XsT9MFb4LDS4yEaJoqplwptXgAidEjQRi7gm8el-RVMr32fyMCGv_DPWjWT2Lfp9hHimooKfSizGDZ0_L_SkOmjt-v4NmbyRRJSavhGOl1Js4Sq2oYd5bcwrG4uSUnENFfEfok_kcb8dt3t3qwt7en8DcRb55O7PBJPtWNsmCAQlPIGfGZDjNAn3p8BvA&sds=2&rev=82471&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwH5PgAGxr8K5o9lAA82kTo6Dpw12O6cMTl5kA&u=%7CFe2Vx2bztVzXlzSIn9m3n17ynLuVFDpWT9nt7BB6GME%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40c-193E3wX-pcVRzcfIsTGQbdF-hxoGuDL2ilpHlAAJqHI0ECBx7vZHJZFIxbq9usiOn3iwU-0nb_x23Qi-33eKvjL_XAcdArLd4rDHAHi_66d3Txo_0ngwWo3gf0lI8W1g3GMWfz7E3HzquCEYpem6qufj88Jm0mhlN5_mamU29f-T5ZyJmCw5nKACO9_IWMbRVSgJdtOv0wCO7jHdaFVIoRAE1hon7r7jdVgdIw15-sC7d-k_xa50IsJMXeSsNDxroRdsWIQ0GQTYqnd1mQh-VlWAiSL3qO5ShUWeAPlocwqG7vSE7jofbik_GpF3pz6AHfMDpioNRky1oIoJ45a7qyEY8FColna3WRy9gidJHhwss-jpXA71dx0thFa4nMlSLO6ByfUFIbq_HOJuevD7CrJTDKhwsn-oBJiRHSFBw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2RgqPvkBY7-NG-WemgeR7byAA5j80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQIAnYTDjxGnPuACAKgDAaoEwQJP0NRLwfTAKgWYH_jn4WjzKiPWbd5-8N3gqTzhVYOGBfBBiEiqrCLeprBZnbf1wMCXMr6AlYhuLn1UERQzcKLoqZPL_gkOnVwBLLIMZ6n08Oy_-ZZyWa_QXBP-ZGn6cIIzHYhOE14qA-RZ4FnYNYR18ASG1HG3HyK-Fp2CcNMCmqj7m9vXyHama6CsDnd0E4vNLR75qIjPiuVT8piJb2quyC40gZD8hyeFYd85X44SykDw2MLPdC8jlxhIDoEwj7LK3hYQcR-Mnq3LtWxHCObGRM3YxmqWY3y8e1SOpGumGDfaH0ZaNwwM3kRwTEDf78WH5vEBD22LWKytxaalWAagcsUvbLVUNUkbnBirgTXgDfUT2Ddpy7claEdnJD-OBu97Ln9U6lqy0JSioKql6guJZUI4a8KyRFY9n6uF85M1e8rgBAGABsCXwuu2pP35XaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Df0OOukAmlikeFmZe4z2KC0t2Rg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 09:22:08 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
truncated
/ Frame B610 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662b8225c47e6ce0cb4ab692c754a26260e9d08a02332b21acf2dcf4b11ae609

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D21B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55ccd4abe0459936a0f89490d62446ecb39a77d0a5670ba9be301a3f0bc558ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 869F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
1a6217dcc2afc2b07536c722a693916c87397b741db6f23e1c399f607127be3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11106
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 79E9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e4004d6bddd788c79d1798b01706a2b54dd5f9afbf279619a4fe6c3a003e3ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11075
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5BF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0E67 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
b5bb2c8d3f7d0320bda5e2d820442bcc4144a2daa48cdbb498696410dbd558c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6MV_z8DqBq80Yg39TF-VnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-6MV_z8DqBq80Yg39TF-VnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:09 GMT
expires
Sun, 21 Aug 2022 09:22:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bqi.php
lg3.media.net/ Frame 3176 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3027&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=kjIvkcxpcoRdQCdVY2q6hqPQE30BOeNrssg_I7BtYP6udBJ05ipDMBRDnsvcLdDjLxlUGZ5QFIkmVDTNh775h1ze69sb4A8isR3krGaoUSWNr0V3gs-IxaMV01HOUuHA8UiEegGYI70A5CnJNG_AHqAS7cjaITxyCMu5FXJt2cBEsLomTKqJm4MOo-ZUXG8gZU7tOzGEyomfqTuOJ8z86drD-_LLXaE5||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo=|xrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|UxNqWO2f2BNCaGtN-XP5CRQASumm8AibQ0IHXja4TSIgKEQQlRyOvH7Uq9dCbCnJC29hLG8eZtFFAzTnBX0dmvR_AHZ_B7qUwLvvv3da-UeY4hJbUKUGBn_NS9rP-6_VCxxJ_Gx7tvJwebSDbliYcb0vXmeoZ_R8QFPYSbmZ7fQ5d32NMivQucvBoX-bLrtUjC127y9bYTJR3eEXTdg396xT2T9_UwCiTotZRMNrg-8=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Fwww.bg3.co&vi=1661073727527117685&ugd=4&cc=AU&sc=VIC&bdrid=4&subBdr=186&vgd_kwrf=https%3A%2F%2Fadx.holmesmind.com&startTime=1661073727763&l2type=sca&vgd_l1rakh=1661073727176305376&l1ch=1&cref=https%3A%2F%2Fadx.holmesmind.com%2F&sttm=1661073727771&upk=1661073728.23647&hvsid=00001661073727771017418153016934&acid=72f6917fa1ad4dcc8726d469b58c78b6&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D508~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022082103~iurl_b%3D63775.51~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.15~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D40~riipua%3D104%2C104~et%3D18~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082104~vis_b%3D148.63~url_b%3D0.02~url_tvi%3D2095~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw3BuYdREPsnhiCr~btd%3D15749759548019670152535502477589427031368148274129145121892978737794773771681796~d2p_l%3D70~3pcf%3D1~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.89~ogd2p_b%3D0.89~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D20.5~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dmelbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.61~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.92~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESEEy_xJdbkgGFJpG4-KS78Iw%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.9951692E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=VIC&infr=1&twna=1&stime=1661073726907&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!A12|5535&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0652265294t202208210922&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sun, 21 Aug 2022 09:22:09 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=29744
content-length
15
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 869F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:09 GMT
rid
match.adsrvr.org/track/ 		108 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
71180d5890635db2b00f1c9716e29f45d6b71d0897ecce57083d717abe12344f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:22:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 20 Sep 2022 09:22:09 GMT
pd
u.openx.net/w/1.0/ Frame A5AC 		532 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
82ef5d0df1b613c45aebf7285049a4b72e5fc48d19145a6318fe5f70d25a8443

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Sun, 21 Aug 2022 09:22:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 7922 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 09:22:09 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7E9D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.200.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-196.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:22:09 GMT
ETag
"623de86a-cf34"
Expires
Mon, 22 Aug 2022 09:22:11 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 93DE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-84.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
35873
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 20 Aug 2022 23:24:18 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
x-amz-cf-id
hZrd6PZd4oAtlWPz8O3WpEV40hXeCuySiS4gsyTRI-7vBtGQADdcAg==
x-amz-cf-pop
MUC50-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 3E61 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.201.3 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-201-3.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 09:22:09 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 16A9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1661073725391
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
7702f4f6e539dd4050266261a23c34d40f406f96bde4912d9668d8ebc224f61f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1375
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 6E5B
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
7ead6e6f4bab8ffec6ff2977b511fa6d74ea5092687e73a62aecf5c2941eed8a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Sun, 21 Aug 2022 09:22:09 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 21 Aug 2022 09:22:09 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1f3ab44-b55a-43a0-bc86-e25039be30dc&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 21 Aug 2022 09:22:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 79E9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:22:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0E67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=2106348698838500&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame A5BF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA36 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CE8F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
e22106f370b5a68ae458629159ccfc7b6c0a6c8d76b272c8130df1c689b03632
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V30l5tp4g2vmdZ7XIPziCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-V30l5tp4g2vmdZ7XIPziCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:09 GMT
expires
Sun, 21 Aug 2022 09:22:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame A5AC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3418254032047919557&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3418254032047919557&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3418254032047919557&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame A5AC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e4130486-cc27-7c9f-d05b-0d1c3ba12ca1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=e4130486-cc27-7c9f-d05b-0d1c3ba12ca1&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=e4130486-cc27-7c9f-d05b-0d1c3ba12ca1&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=e4130486-cc27-7c9f-d05b-0d1c3ba12ca1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame A5AC
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwH5QMCo8YUAAOViAlAAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwH5QMCo8YUAAOViAlAAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 21 Aug 2022 09:22:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":21,"gdpr":false,"ipv4":"103.209.254.5","key":"YwH5QMCo8YUAAOViAlAAAAAA","privacy_sensitive":false,"uid":"YwH5QMCo8YUAAOViAlAAAAAA","upstream_id":"a-ad40195"}
X-SO-Key
YwH5QMCo8YUAAOViAlAAAAAA
X-SO-Upstream-ID
a-ad40195
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40195.dc2p.scaleout.jp
X-SO-UID
YwH5QMCo8YUAAOViAlAAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
103.209.254.5
X-SO-Cluster-ID
21
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwH5QMCo8YUAAOViAlAAAAAA
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame A5AC
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZdXErv9jx90ks8ADsWuCIhCu88AAAGCv7WtBA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZdXErv9jx90ks8ADsWuCIhCu88AAAGCv7WtBA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZdXErv9jx90ks8ADsWuCIhCu88AAAGCv7WtBA
cache-control
no-cache
content-length
0
x-amz-cf-id
Z6pAaH1gfTC5XeA0uK45W2ZW_TyO5x2kXpM2RrmxWmUGru7EVwYnFg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame A5AC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3Y2Q3NGMtMDU1MC0yMjNiLWM1YmItNTdhNWYxNDNlMmMx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENG2tg495b5wXJ881_pdMSk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2015 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EE38 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
7f171095c097d81c123f18d59fd2519fcfc7272b81bb62bd4535a3c19b5bb5e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HYV2fG0eJicH1TeT-PrT5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-HYV2fG0eJicH1TeT-PrT5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:09 GMT
expires
Sun, 21 Aug 2022 09:22:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame A5BF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RICsqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
onetag-sys.com/match/ Frame 16A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 21 Aug 2022 09:22:09 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Aug 2022 09:22:08 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 16A9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 16A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7685986172581752304
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7685986172581752304
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:09 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2cf34a09-7b98-4d02-9210-a7073d7f4828
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7685986172581752304
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 16A9 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=0_pMdk9WQN4i5bia6eBwVKCyHAv1_JAit7JSJRqbMX0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 16A9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1qRwrvHsCI4YmStpqC8eB9n4cYdCoqg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1qRwrvHsCI4YmStpqC8eB9n4cYdCoqg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1qRwrvHsCI4YmStpqC8eB9n4cYdCoqg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 16A9 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
content-length
0
/
onetag-sys.com/match/ Frame 16A9
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMHyh5gGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Sun, 21 Aug 2022 09:22:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 16A9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZKXNVPZ4E0KQ330Q2QGS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 16A9 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
content-length
0
/
onetag-sys.com/match/ Frame 16A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAxj_5jtuW259E4iZKpCHP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 16A9 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 16A9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
sync
x.bidswitch.net/ Frame 16A9 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661073725391
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame CE8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=3639896759784101&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame EA36 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EE38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=2089749623384575&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 2015 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
402031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 17:41:38 GMT
usync.js
eus.rubiconproject.com/ Frame 7922 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80647
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Mon, 22 Aug 2022 07:46:16 GMT
generate_204
tpc.googlesyndication.com/ Frame EA36 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G7aplw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D23E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOAErsroTneJuOltHILXQ4x0nt--XbEYAWVwT9h_42Jb3LrDJsP0erXZOTMW-KCe94Mo1v43kS6FOVnDD4RyBQJajc&sig=Cg0ArKJSzAQq_QejIH1dEAE&cid=CAASFeRoLct_zdvqy3SL-n4LbAOym1RDiA&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661073727019&rpt=1952&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6E5B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 6E5B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQyMTQ1NDYwNTIxODI2MDQ4NDA1
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6E5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUJio1VzebS9MGp1XKBzlM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUJio1VzebS9MGp1XKBzlM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUJio1VzebS9MGp1XKBzlM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6E5B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQyMTQ1NDYwNTIxODI2MDQ4NDA1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQyMTQ1NDYwNTIxODI2MDQ4NDA1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQyMTQ1NDYwNTIxODI2MDQ4NDA1
date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 6E5B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=442145460521826048405&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=442145460521826048405&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=df6a7ade-e186-45b8-9d30-d1c75021f4a3&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=df6a7ade-e186-45b8-9d30-d1c75021f4a3&_noobservation=1&_expected_cookie=c196330...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=df6a7ade-e186-45b8-9d30-d1c75021f4a3&_noobservation=1&_expected_cookie=c196330926a7ee2fb3d08c5188d440d1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73e24d839c52df9d-MEL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=df6a7ade-e186-45b8-9d30-d1c75021f4a3&_noobservation=1&_expected_cookie=c196330926a7ee2fb3d08c5188d440d1
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73e24d820a4edf9d-MEL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
sync
x.bidswitch.net/ Frame 6E5B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=442145460521826048405&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 6E5B 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=442145460521826048405&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A21561A470B04BEEB599AEAA8FF657A5 Ref B: MEL01EDGE1817 Ref C: 2022-08-21T09:22:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 6E5B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/442145460521826048405?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-UMcf9dlE2oQM04ylySUDVUKWcby2M.OV3GnKhZiNig--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-UMcf9dlE2oQM04ylySUDVUKWcby2M.OV3GnKhZiNig--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 21 Aug 2022 09:22:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-UMcf9dlE2oQM04ylySUDVUKWcby2M.OV3GnKhZiNig--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 6E5B
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=442145460521826048405
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=442145460521826048405&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=442145460521826048405&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9RT2HYTC2FWTXF7QRB30
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=442145460521826048405&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6E5B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=FuFg1ugg92Qp6DkxsGln&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IZ2UMZZROVTWO...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FuFg1ugg92Qp6DkxsGln
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FuFg1ugg92Qp6DkxsGln
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=FuFg1ugg92Qp6DkxsGln
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2015 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fa-cXQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 901A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0959d4af53e9f0f9a2d691de7c67c70a6b2a53fd8f6daaa67cd8ffb23e3405d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e24d7d9ace5aa0-MEL
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:22:10 GMT
dropped-udsids
241|39|230|73|218|206|3|24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNTbOggrndYZG9lQkqd1HGEngT69u3JkcaH9auAlfXcCayY5ZZZGsAl2DpVv7S8MvtSXR2JqdhFDq6tbT5qFjsV96IApIVWBVdywwoPTFl2nSvJZOIwew0cDSH91WbIF1WI85pIdukZELA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 3176 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaELPxfezOuP0Vn6-rV5fCyPvj0rPTIb-AuYJHeqXH7VikCDkMEiY4u6sra_JsF5q06oPRnITY8dOJOCtG4Y-Oi7NZ&sig=Cg0ArKJSzLJv1-OMlldGEAE&cid=CAASFeRo6y9iFH8r3Fa0HAoI7yFIXELMqQ&id=lidar2&mcvt=1016&p=0,0,254,250&mtos=0,1016,1016,1016,1016&tos=0,1016,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661073726897&rpt=2129&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D21B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKv8aHREOIdmhQu-0_T307MjtUQJ-EO7IN9AuuNFiYzq9DsoCLykk7i4u-gLK-RFzfDvMfnQAK50eI1oxi3SPFTzRkkSzVTMYV7MVDVOyHChZAC_hq6D7fcpKBbaBmud9aB5bx_JDGgA&sai=AMfl-YQAzbC_pKgMIurJdUbDF83vOIlLIQF1FxhwMyqP2sAr6ReymOls7bMEHNE0nbFYtmU11Ujh4Ex-2D2kQZrDqV54fnpGKtqNBXq58rq5yIV4GvJ2-zQlb25i5B7t&sig=Cg0ArKJSzK9_cFz6_8AgEAE&cid=CAASJeRoSENqqoXAY9-3MQ8f67n-fiXX33acBmCy67B8-YrIEwSXwFo&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661073727015&rpt=2030&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B610 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup5lvg4Cug2Z79jPxkNzrM-riOGLLfJDhlDMIo21-OJIVze4BZB9G95pzsqxf9hZC34DNMEXNYr1bW4P6RfP5iOuCEaZhlBPCDKYQzvzDKSdrH2HlHDc9-Tof_NAxqkr2A8A71SrmMBg&sai=AMfl-YTZ6FTG0i_XbV7_khjQAidOnVbcTizEW-E0s8E-BKrDYDlw-v7KVaIJBic7ke0vEozMdj4tvBn59xMDpS9e09AwcVVKd59qpjtHn2ys_Lp7lhddrABnYPDsAhr5&sig=Cg0ArKJSzHyAgRFJda6IEAE&cid=CAASJeRoXfjUalFUkBFwQeQ9kAyeQJhn1Gtb1QuWr1ozvdQ9aDGNEZ4&id=lidar2&mcvt=1002&p=60,450,310,750&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661073727006&rpt=2055&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7E9D 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:10 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
02721dcf-dc86-4405-a9de-454b69d9e994
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 09A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=2106348698838500&bg=!Dg2lDUnNAAYUOm8VNDo7ACkAdvg8Wklpr_GAaEQOO6ByR7c6kazIf32aPcAPBjt20BJZ_zmHNsEF0QIAAABhUgAAAAJoAQcKANNwP6pd8HGCyzb-gmCjl4JEW-OX7hcojWSqSPlasKfrhInrWhsJ78iydSHj0kAmGS4U-VRDpD7nrMJDsbCE7mpboOPnFyzaEmS1zKxd3Zza1rRoZl11LiSARA0xnj7Ql45UwHb4L25RXtLeMU7cP41AhTbkd3LNTMg0btruUr5bFWgS5p-PrZ18nGSOEJc_PWdCMe2qnLF_C-wpEhaxCo4IvRmCWUDXpuFKgQEAYMlfpqeK9fOqAiK4EAlVG0L1XGPjjKYhUgcOp-5Odv1bWovcAOyHmQKv_m4BWz8ad5vtCtSW5cy0Gi01byt9U6rb8vvPwYpW_XiLhvZd_Se58P0lJj2YTx9CR-7b10-M80JYTwc5eU75qufMYVE4sV1_-pXjM4wLJZf-BnMKlEyQ5qrWGGwJdtgNV9LUxz8D7PJQpDc-tMMxMXFUZLAaqHKHakMhewlT58zDauPn2oR5VBxXbK_MlP_D5ULiV7aEYiP6dKB4j33xoJJ3LRlBeoj8srknsbzjW-Ysopbfv0LGTt8Xfxb-VJFSZ6qAAP-tctCraApj6qzuD_1yWxN4goA7YaXbPGnL5XTdXQO61S4fRgU_mztHMPfaXksAwUxi_8TUajiQX1nGZtUCI4GDCuaC4ya2qon8ye8fY0kB1wuHiRWl4XDfWQWxBxr7X9tRZXkpOFN6ZyuHeBvXklxqE1gdEdoZgv3DyqVl-q2JmQvj83gX6ujnrhQ2vHYxdAxFabrQT9cZAqHtpIibpEi7nrYDMAyQNSVUTeRDUkOjxq7SWNQdn27jwBERi5v-4uvMvVZcP-lPCLKGMauiPXOhSdUciCE-1xuyRuk87UC3XBj3hMOLHKrqCBxlZgXwWF1FURj1ugTa7FJkXZmbqYJyL6e-6kHKCUE2Bl1DvW9K4QKIdWa1kOz3vL6KWLjVUO57XYbYQgoNHIMfhL15RUpgmxSk-uTVX8lnrSmaKZgd4ZMWKZLmPC-oHNIJe1Lo-zOz_sUHxB-rqK5vt95ydvC8G8JoDRX0Qxp0v6K7RBuac8lXx88CUuFAn3sIQ_YQXh_GrJjYdaHMr_k9jWiKHAd_QjYXBokMUhB0oksY8XmMfVjzhY8CVUHcWMz2l6obIpSkwp7iMLvfgtwA-HeEbSku-XKshNofB2TmiEFvM9UM2_kMotthpNRUNYCdRcamsNzOcUGVlkFkhtWL
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7922
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-4anBZnhQlCisgNid7toQw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-4anBZnhQlCisgNid7toQw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-4anBZnhQlCisgNid7toQw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TVZWW660XNT5ETMR9AHW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-4anBZnhQlCisgNid7toQw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7922
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 7922
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/L7awvALb9krb8Iqn0OuOr8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2167942813835836842
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2167942813835836842
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Content-Type
image/gif

Redirect headers

date
Sun, 21 Aug 2022 09:22:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2167942813835836842
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame 7922
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734EPFT-1K-M6X4&sigv=1&esig=2~b03e4b6e5f6999036e982ce7fd95ceffe3553e70
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734EPFT-1K-M6X4&sigv=1&esig=2~b03e4b6e5f6999036e982ce7fd95ceffe3553e70
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Server
106.10.236.40 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
o2.ycpi.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734EPFT-1K-M6X4&sigv=1&esig=2~b03e4b6e5f6999036e982ce7fd95ceffe3553e70
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7922
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkwOTE3YzdlYzRmNzFhNjA3YjY1OWJmNGZjNmY5OWMzM2NmN2NjYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkwOTE3YzdlYzRmNzFhNjA3YjY1OWJmNGZjNmY5OWMzM2NmN2NjYQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkwOTE3YzdlYzRmNzFhNjA3YjY1OWJmNGZjNmY5OWMzM2NmN2NjYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame 7922
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 21 Aug 2022 09:22:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7922
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGosGwdcZusGwvbgF8qsRnI&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGosGwdcZusGwvbgF8qsRnI&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGosGwdcZusGwvbgF8qsRnI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7922
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEVQRlQtMUstTTZYNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEVQRlQtMUstTTZYNA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEVQRlQtMUstTTZYNA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F93B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101320
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:22:10 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 13:30:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame EFFA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.120.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-120-195.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6b6141e373f4b8d9c8206df43914d4c154a449c99fc19cc8ce8ee3d3b2f26b8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 21 Aug 2022 09:22:10 GMT
etag
W/"097ede6d4124f81361b37d66d08b677e4"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 7EB8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
15f36ec0bec053a1d7c6d9b3e5913a3f92df84466458c3d662e60bfd94cbf1d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1362
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame A5C8 		771 B
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
f0873b4a90a0c520dbc554d94a0268f9a68a6079bce22ced5498fe12836d9c62

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
771
content-type
text/html
date
Sun, 21 Aug 2022 09:22:10 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7E23 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1501961a1545533c5bc8b1ebc433525d77ca1debb3e97232493c1acced04764

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e24d7eedc25aa0-MEL
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:22:10 GMT
dropped-udsids
46|88|4|130|8|218|51|24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf1p3Wu1XcdQDzrgIBWmIG63nfB9Jc%2Fi6yqi2bTngm35ATVNHmBu5Fv10jlqLnb7PB6VXsePdYpHmn%2Fvt3XM5cRpxloMK3KxF6Igg%2FW5fN7NQnXlsYK7bzl8nJP57UzZNZCGaSIINSc8zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1C2B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 09:22:10 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Aug 2022 09:22:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 93DE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L734EPFT-1K-M6X4&gdpr=0&us_privacy=1YN-
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L734EPFT-1K-M6X4&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.174.20.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-20-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L734EPFT-1K-M6X4&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7685986172581752304
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7685986172581752304
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:10 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
571b9159-b681-4c6e-9d51-59e43cb06ddb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7685986172581752304
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FLqSDRZHQJK9P_S-Q-uJYsSC
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FLqSDRZHQJK9P_S-Q-uJYsSC
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FLqSDRZHQJK9P_S-Q-uJYsSC
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FLqSELZHWopT95PNT06HPN4M
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FLqSELZHWopT95PNT06HPN4M
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sun, 21 Aug 2022 09:22:11 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FLqSELZHWopT95PNT06HPN4M
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzNhODg3OGYtMzE1NS00MzQ2LWJjNjEtZGU3NzY2YjU3ZDk0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMVQwOToyMjoxMS40MTYzMDZaIn0=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzNhODg3OGYtMzE1NS00MzQ2LWJjNjEtZGU3NzY2YjU3ZDk0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMVQwOToyMjoxMS40MTYzMDZaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzNhODg3OGYtMzE1NS00MzQ2LWJjNjEtZGU3NzY2YjU3ZDk0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMVQwOToyMjoxMS40MTYzMDZaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
usersync
usersync.gumgum.com/ Frame 93DE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661073731414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2655029591
  • https://sync.1rx.io/usersync/tradedesk/7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
  • https://sync.targeting.unrulymedia.com/csync/RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
date
Sun, 21 Aug 2022 09:22:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf8cecbd298a84ab68b443afcad6adac4004
content-type
text/html
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759393972564243
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759393972564243
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759393972564243
Date
Sun, 21 Aug 2022 09:22:11 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=f7e58d47-f487-435b-8128-b9bff81fc66b
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=f7e58d47-f487-435b-8128-b9bff81fc66b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-20
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=f7e58d47-f487-435b-8128-b9bff81fc66b
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 93DE
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F89%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D39fcf0e9-8d6a-4a8f-a40a-f2578cbea260%26bidder%3Dappnexus%26cbx%3Da...
  • https://prebid.a-mo.net/cchain/0/89?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=39fcf0e9-8d6a-4a8f-a40a-f2578cbea260&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&ui...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F89%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D39fcf0e9-8d6a-4a8f-a40a-f2578cbea260%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F89%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D39fcf0e9-8d6a-4a8f-a40a-f2578cbea260%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
date
Sun, 21 Aug 2022 09:22:10 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3Dhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D346%2526uid%253Dua-749c...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=c4d3025e-e3c4-45fc-b549-55f08a384ada&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3Dua-749c1111-eb65-3456-a62e-bfc9b5f8a859
  • https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 93DE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
date
Sun, 21 Aug 2022 09:22:10 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 901A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1TDPHKSAMMPRTD82BXR8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SRK4PXFAVSJ41BACV6Q2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 901A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&expiration=1663665730&gdpr=0&gdpr_consent=
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&expiration=1663665730&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d801ff95aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jrIGqqPmhQ4SOFayc4PKVaWfzaosb4%2BXuvfCbg2ezAb7evbO3ia8pR%2FFW7xUhn1Ow%2BhBeq1NK6xAnznF%2BqpEYdHB3xVPHxcgesQTerFiMpBiNyO6CJbNhufhGZ%2B8seW4s0fOTP2577%2B5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&expiration=1663665730&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 901A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d809a0d5aa0-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUxGpVJv2Db19P4UVkokeEtaLrxNvz2uhB11S%2B51akBSCtgXbTp%2BLSLO0d4vk6wdpDlsCuG5xL7dZtV0W%2FUksj6CbC8sa734fsHPCo9yn3mh6%2Fbwv2bt3I%2FczummWZRb8o20wuKo1lIRPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK0denh9k0CfpNtLFpznJi0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 901A 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.147.141 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-147-141.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
demconf.jpg
dpm.demdex.net/ Frame 901A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-017890579.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0KOGIxMZTRM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v035-0f82fb68b.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3a9WjW9wSAE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 901A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.77.147.141 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-147-141.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
date
Sun, 21 Aug 2022 09:22:10 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 901A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ef66301-f940-4b00-ac3f-b249d156aa03
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ef66301-f940-4b00-ac3f-b249d156aa03
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d80b9505aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yD7TUYvhVdY3Tft1bpEb%2BFK4XaqGfIsfOPthYf7oUL%2BgFjM8ngrKXpfDF%2FclmFL7y8EQIyYNx6wfDUmBeoQ9Dv8YWOojPyTmfJIyvFT9aUFe8XQp68TuMMrWHSNO1EYnlXTZ%2FB4uyI11xg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sun, 21 Aug 2022 09:22:10 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ef66301-f940-4b00-ac3f-b249d156aa03
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Aug 2022 09:22:09 GMT
rum
dsum-sec.casalemedia.com/ Frame 901A
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=90666d9d-421a-4c81-abaa-d1ed419e945a&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=90666d9d-421a-4c81-abaa-d1ed419e945a&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d82edec5aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN5Kn65%2BLzwW%2B3coHIfXCPKmHS97PJazg5elT30Dd%2Brw2nmE5UcIIlMlY7dfmJCPRyWOuS8iZW0YgvTZt5Ms9AsqsQi8CmYNFTUPFMF0F8%2BJdJecU7Osj5nDkzWzxH0w2cJ5uZALfbt4Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=90666d9d-421a-4c81-abaa-d1ed419e945a&us_privacy=null&gdpr_consent=null&gdpr=null
cf-ray
73e24d809bf2df85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 901A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwH5P6jl3HQWy3adPjXdYgAA%26887
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cf-cache-status
HIT
age
243
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73e24d80afb9fe8d-MEL
expires
Sun, 21 Aug 2022 13:22:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 869F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=3639896759784101&bg=!m5ilmNzNAAYUOm8VNDo7ACkAdvg8WqRSemrfW4CUd4FdHlxSz2N56ZkvVwgp2fMT2EKhxm7eKQsjoAIAAAB6UgAAAAJoAQcKAJ6QnL2ipI0Kbu93skVaaTkkfvd-Kx53Gperr6g1xeo6U2clkmTAMf2A_BTuqrDaPN4whEelp_JKap42C1GQhFXSxsSxnmFJi2FH9EBSHKOPR2tZr8K3DM2A-EJvEtSNQ-WrOzrOMwmQKH7tdvruPncsIqm4vv0-lElQkpdcuojr1cnNrxKo4A-jPyEudrLeTmWMBCqZbmhsT3QknTY9ppkCwKRoRqvc-Avi1_KK-fA6QnehKX3oJMN1We8sCg7C1YJrS8CyG_m9PIuatOZlOZfMNLK1g0GfdPIZJdTtS2eZGux-QLmg1e9TU4zMc8NOwiS158i9FdZ3vVdTRg4a3Dmp4LCgEhMAb9uP5Lv3Pa2xjBhuTrG4IDMTwKUD6LLRwWP59EkHjzbR0R6RZJfvKgouuEisZ9v1dueI-AKgRBGGjRQuoDbHlNihYUOiho03Yh_YWIn9ilMvbcQvsWZ7SBfM03rDyZEC64r9ej1xsrEo2EHScmY9PU-iB6QTQn5H8BV3jOd8D1dY25yUxZ__UAxo33rG4zmJXshBpe9HPxCZQBYRnM5dDkagzLi4jXQ615wQ2wj4LUjyFezJQsBGFT4iEMZ-2zsz8Qn-Pb0KEK5Rpyoc5-2VPAWxecIZE6Bndyx4T-d9jXBJojdlr6AGtLSsDFRh53p_IJ9l7GNAWKjOiY1tmNluMRT_32MdBKEtdO3PmSxgqE0sJ-LBd2pWkYZz7cfJ-LnDaGJ-4add9AwQHzbLNgv7A1Ot--r7xGfmtHmXeRIvnIBNFo6AMdfV811TrgZYBWc6UjcVUFz2cPVXWFfIC2l1CdBt1-u2rwV483X7hoWuyymtuibfp-ctfTx-XGf0er68vYtupbbvuSIU6XrrMe64jOXaV4hEjrZ7rJuvF76mANLuD4-zkiWBoFUdiEXZ1slInNJlySsuY1n_9ljwvenyKxwsYxoqJjaUNIcrHmpbsnjJ-c2DJZJiFhwKEw3n-gdj-atfrNB_A7bf1HxpEzopHwyfoHZeiVn024g7tsU2t1yqxOGpxSqxRWgXGdyw3l2pgUzMnY2uViHj2kde1YDJ-VO0s_ik0ved5ZeKUpUDcHNskqvRPUXReykGcocf34kffaKX_vd-pQRP2HwDQZ4T5c19O7I36-ZxNJUU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 79E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=2089749623384575&bg=!HR6lHlrNAAYUOm8VNDo7ACkAdvg8WoaEK89IUiuDHXNiLQ9Ha90OjfwV61Ci6geks3OuGqm-E4gKkQIAAACCUgAAAARoAQeZAqcjye0l59nCKKVADuCJn3jbQStWQURUFdpsmI2WcFyYVfdv8J_SgiaET6FJT1M6imXHzIQ3FN8hmDPc8-ryOgI-_YwNNtn7yRAwT93UviyYfKZRmPqRVDZhZx0SrJMk8eD3h-B489uThgJkXz1deOo_SxlpYAyFuVKXENd-Bx9_tqFl2kSlCj0Ly8u6R9FpFJeVnnZeXXr4Hpe0cpAGidHv8Srng8dwQDCabcOZmTDgTquJ2H5k0kVWEEZbDgkcLzyeuO2-EFG7y9Gj_BJ6OQdRrFLXfX5V-Tp_YhzlfFL4Y9Xhu2T2Gy4wEd_Fiut7mqLZiVu5PbqPYzaGZdE83lmPNpVLsWwUFAA0eL3feWkAyKrlr92I6W2YNbYcXpQD_Vw8f5RMX9YvvQeowluIpvawR6BfUs9mftei-yIAW2fc0RDghDfTmo7eWXqcS6M-0cjPjPpaP-y4oyVt21own1tYovOszS634bBYB8RN13MfGoPFTeDzzVpVoKgIMyl3q4lbv9tOiCcvKTGUdsEZzUSpQn68Zg3a9-F6I8_WCQVyE5BFyc7MjnjtSxHu-WnFCEbmOqpfOWBmkqWTVeCvYv9QmEAy7nsSxn-_9lcLeCFiuBGyHPlBtevqU2zSG2TJ4Wa43KcjSu5B7bv2FHFFacLV6aDHasU6a3-QBIbU53GVmgFwRjMZQOCPMiLbWFf8WOsFRaN476nzmyFj52w-1KikU64qmUpTKRk_RrbQsMlhpnotGH_I4vtr9Rri-PZ_ziPjE05ZcSVyhXeJMVBvwfT8jh9XBT4XH8BYjsGHYvjEwtMQ8N804SdVbewfu7sMOnSg1fszOiSvbdbfoZfmwgX8l0GMz8ZZ0pISUk4DCSeFqNrrkZgf4RDwZkWjHEBJL24p1AfsLnJD
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7685986172581752304
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7685986172581752304
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d84fa785aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiWEE2nM8OthrYUCPD95%2B3MU6iUPVNDS7avXgXH5MpYWbeoj5aHxYrMrCTuyO6CG6as3MVKCv1W90KOsc0Ng5QMkGtIm9Xo3d6Yzrl%2BA8oVrfDjQGJTWNVVSNxuhwehqy5yBUtLvRJldHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
35f6f666-ca4a-40fe-a640-7b20f3668b7c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7685986172581752304
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YwH5QwAIBi9DtAAK
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwH5QwAIBi9DtAAK&_test=YwH5QwAIBi9DtAAK
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwH5QwAIBi9DtAAK&_test=YwH5QwAIBi9DtAAK
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d84ea675aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXM%2Fhlrq7mnV8nIS3RO8hnHqD89ijGurZK%2FKpb7ARcy0orkndol9UWBFaiwf6YZESaC90slWO79w482rm4N6oHhV%2Bk9Y7Tv%2B8YkC5%2FEo2iogRWWnFDdPpckWnBfwXcr%2F%2Bwd5Li1YDVB0Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661073731.249501,VS0,VE0
x-served-by
cache-bne12522-BNE
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwH5QwAIBi9DtAAK&_test=YwH5QwAIBi9DtAAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3418254032047919557
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3418254032047919557
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d81ebe05aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGGkKlWv4BGaUM%2F1VlmCCOuhzYunysMgZZ6ecm5VURcRwHKf1GbL0SkOn4U3S%2BifRp52GL3x3FXowcckw1L%2B6YwLa0d6oJnxFVlMQ%2Bg6frkqGN%2BVkFjSxIjlo6TG8NB4cgHJJzTeGRRgRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3418254032047919557
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHtkE7GA_MAABCb-k8k5Q&expiration=1662283331
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHtkE7GA_MAABCb-k8k5Q&expiration=1662283331
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d877fa85aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiMIhRsalI6kEMybrMQFa9wNetJ5%2BGLnhpbGRY53gYMR%2FMmpyYT%2BxGTBedxQ2Ve1od3Z6I7oNLeJE3ItqvTgV%2BfXL5SRNgkwexILqjza2XM559TdQRHJp98mR0FdHNSlC%2BJcDegx2G0R6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHtkE7GA_MAABCb-k8k5Q&expiration=1662283331
Date
Sun, 21 Aug 2022 09:22:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3fca4e58-0e5e-47c6-9efe-80e9baadbaf0&expiration=1692609731
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3fca4e58-0e5e-47c6-9efe-80e9baadbaf0&expiration=1692609731
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d870eda5aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITd%2FU0tU5IlKOJs%2BVEaIct%2F%2FuOluayyfY%2BYPqMVq5MuHu1SDUcEikmuL3uXPkR0DaL%2BjyAZwbti3e6bsTbKCSVqp85YlNJ0DVWHSXWWItbnvKxrEClSl9ifjWjYaTfl6CSueGoNP5VcRjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=3fca4e58-0e5e-47c6-9efe-80e9baadbaf0&expiration=1692609731
date
Sun, 21 Aug 2022 09:22:11 GMT
server
Kestrel
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 7E23
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-02f37e358.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AIcrqYV6S2Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v035-088966c3f.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
k+SIW2rOSsg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwH5P6jl3HQWy3adPjXdYgAA%26887
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=YwH5QMCo8YUAAOViAlAAAAAA&expires=30&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b3e17a5-92e0-4399-9d31-33cf70c1789e
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b3e17a5-92e0-4399-9d31-33cf70c1789e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d85cd7e5a8b-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4umF799BOhIquumsjz4t7%2BMcqjt32qz7RsfFuUbUshNxOHVXAhHp7IzXZvXWhW%2FfY4Jae%2F%2FpfCSJUxKPFQY1kHrM0iBwf%2BrjMaZBw3tbP2T7UPz%2FEhAnvvln%2BP7LrcyJv%2BiZ7tS"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5b3e17a5-92e0-4399-9d31-33cf70c1789e
Date
Sun, 21 Aug 2022 09:22:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7E23
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3582f438-f2f0-4cbd-b57f-2ed5d6e5268d&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3582f438-f2f0-4cbd-b57f-2ed5d6e5268d&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73e24d831e3d5aac-MEL
pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOGksjQY4sRtjzw5lW%2BAlCSgA1Y7UgCmNF12HBtpMFnXuMGB9TALYp05Jt0u2yEAUhhIDEsy3GCwSr8qYhyrLvHxP%2BUJ9YimjOo5Tc3LvwUKozOv06X3t2L3tW6rF1NG%2Fso4aTa0BTAGDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 21 Aug 2022 09:22:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3582f438-f2f0-4cbd-b57f-2ed5d6e5268d&us_privacy=null&gdpr_consent=null&gdpr=null
cf-ray
73e24d80ac07df85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
sync
ads.servenobid.com/ Frame 7E23 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7EB8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1rR-8NnT_8OqHiKLbA09w54DpQtq71g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1rR-8NnT_8OqHiKLbA09w54DpQtq71g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgr-1rR-8NnT_8OqHiKLbA09w54DpQtq71g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 7EB8 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 21 Aug 2022 09:22:10 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Aug 2022 09:22:09 GMT
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=L734EPFT-1K-M6X4&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=L734EPFT-1K-M6X4&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://onetag-sys.com/match/?int_id=2&uid=L734EPFT-1K-M6X4&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7685986172581752304
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7685986172581752304
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:10 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
be8688de-638b-4855-ae58-7e391898452f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7685986172581752304
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7EB8 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6214874680473096912
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6214874680473096912
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6214874680473096912
date
Sun, 21 Aug 2022 09:22:10 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7EB8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WBDUFU0IA20muqRd7rOWE-iM-y__3M-h1yU5a__H_rM
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WBDUFU0IA20muqRd7rOWE-iM-y__3M-h1yU5a__H_rM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MF5NRM5CZC5QP7HZWZ4B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WBDUFU0IA20muqRd7rOWE-iM-y__3M-h1yU5a__H_rM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FBQjY4RkItRkJGOS00QzlBLUIzQ0QtRjlFNDBEMjFBQTM4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
date
Sun, 21 Aug 2022 09:22:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
date
Sun, 21 Aug 2022 09:22:10 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
/
onetag-sys.com/match/ Frame 7EB8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5b3e17a5-92e0-4399-9d31-33cf70c1789e&ssp=onetag&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10529838142102681692&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10529838142102681692&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dacf31c4-42ff-498d-bd87-3afb89966d1e&ssp=onetag&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10529838142102681692&ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231983304250167149851&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10529838142102681692&ssp=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 21 Aug 2022 09:22:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 7EB8 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F93B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43610&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
655529424911b8254cecc74a8c3211f95dc2240d8d6b1c1c96e92093e53e75bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame A5C8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1893933702894523039&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame A5C8 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:11 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame A5C8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YwH5QwABSV2MnABN&gdpr=0&gdpr_consent=&_test=YwH5QwABSV2MnABN
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YwH5QwABSV2MnABN&gdpr=0&gdpr_consent=&_test=YwH5QwABSV2MnABN
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661073731.324574,VS0,VE0
x-served-by
cache-bne12522-BNE
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YwH5QwABSV2MnABN&gdpr=0&gdpr_consent=&_test=YwH5QwABSV2MnABN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
ps.eyeota.net/match/bounce/ Frame A5C8
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOyrXOb2lRi1tBs1MWuAnvtV-Ux37agxKfuwVO4g&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=1893933702894523039&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/7/3.gif?puid=7685986172581752304&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOyrXOb2lRi1tBs1MWuAnvtV-Ux37agxKfuwVO4g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/102/3/6/4.gif?puid=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttl=%%TTL%%
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGfBe9ow4FhQJTNOM6aHKGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7685986172581752304&opid=apx&ops=&utidl=tech:goo:CAESEGfBe9ow4FhQJTNOM6aHKGA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A28829868969&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAHtkE7GA_MAABCb-k8k5Q
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
0
0
/
rtb-csync.smartadserver.com/redir/ Frame A5C8
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c73adda
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c73adda
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 21 Aug 2022 09:22:11 GMT
via
1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c73adda
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
3NKKrGcAuyT5X730UfPCi2nlZzRkBFJmS7E2kju3aHM2kGpSGDvnNQ==
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7685986172581752304
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7685986172581752304
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
30edf7d8-bbbf-4d69-9563-0bd7bbd7df4e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=7685986172581752304
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5b3e17a5-92e0-4399-9d31-33cf70c1789e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5b3e17a5-92e0-4399-9d31-33cf70c1789e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=222a8f68-4816-43d8-8341-dd155b04d2a5&user_group=1&ssp=gumgum2&bsw_param=5b3e17a5-92e0-4399-9d31-33cf70c1789e
  • https://usersync.gumgum.com/usersync?b=bsw&i=5b3e17a5-92e0-4399-9d31-33cf70c1789e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=5b3e17a5-92e0-4399-9d31-33cf70c1789e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=5b3e17a5-92e0-4399-9d31-33cf70c1789e
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame EFFA
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e&obuid=ENC(i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3Di_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLx...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=456c2256-b84a-4193-8b48-6957e9dc86dc&obUid=i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=456c2256-b84a-4193-8b48-6957e9dc86dc&obUid=i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
66.225.223.95 , United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:18 GMT
Cache-Control
no-cache
X-TraceId
f685cc4eeb0fc8cd4dfa3f41dedea1d8
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=456c2256-b84a-4193-8b48-6957e9dc86dc&obUid=i_sToifPb3IhG7gDHhRBRJCVEXiLwhPIxRbLxvaU4jlnIUP6OuQw0mb608A4noA0
date
Sun, 21 Aug 2022 09:22:18 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=132ea0f6-e432-44c9-b720-1df1f3f12de7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=132ea0f6-e432-44c9-b720-1df1f3f12de7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sun, 21 Aug 2022 09:22:11 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=132ea0f6-e432-44c9-b720-1df1f3f12de7
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-635ada6b-2e87-444c-690a-f6779923511b$ip$103.209.254.5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-635ada6b-2e87-444c-690a-f6779923511b$ip$103.209.254.5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-635ada6b-2e87-444c-690a-f6779923511b$ip$103.209.254.5
Date
Sun, 21 Aug 2022 09:22:11 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5FAVWCBE2pf46s0z9skhaDbNaUu9XM.esAUy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5FAVWCBE2pf46s0z9skhaDbNaUu9XM.esAUy~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sun, 21 Aug 2022 09:22:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5FAVWCBE2pf46s0z9skhaDbNaUu9XM.esAUy~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=03ac70cd-a13c-4652-9437-75cc783e5575
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=03ac70cd-a13c-4652-9437-75cc783e5575
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=03ac70cd-a13c-4652-9437-75cc783e5575
Date
Sun, 21 Aug 2022 09:22:12 GMT
X-CI-RTID
944cd764-d2d9-4e0d-84e1-d795ebb66122
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame EFFA 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.148.45.191 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
766631601
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame EFFA 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=hh-XwatS-qAYScs12pxc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22DIFVMHOYLUKMWXCQKZKNRXGMJSOB4GG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hh-XwatS-qAYScs12pxc&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hh-XwatS-qAYScs12pxc&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hh-XwatS-qAYScs12pxc&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=456c2256-b84a-4193-8b48-6957e9dc86dc
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=456c2256-b84a-4193-8b48-6957e9dc86dc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=456c2256-b84a-4193-8b48-6957e9dc86dc
date
Sun, 21 Aug 2022 09:22:11 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1661073731414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1878904262
  • https://sync.1rx.io/usersync/tradedesk/7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
  • https://sync.targeting.unrulymedia.com/csync/RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
date
Sun, 21 Aug 2022 09:22:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf8cecbd298a84ab68b443afcad6adac4004
content-type
text/html
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=xKjJLpkxNiQz&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=xKjJLpkxNiQz&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=xKjJLpkxNiQz&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d98db7788-9zgc2
expires
-1
usersync
usersync.gumgum.com/ Frame EFFA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1893933702894523039
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1893933702894523039
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1893933702894523039
date
Sun, 21 Aug 2022 09:22:11 GMT
content-length
0
sync
ads.servenobid.com/ Frame EFFA 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame ADC3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:11 GMT
Expires
Sun, 21 Aug 2022 09:22:10 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master nrt-pixel-x2 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame B9DA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC
  • https://usersync.gumgum.com/usersync?b=atm&i=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 21 Aug 2022 09:22:11 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent=&_test=YwH5QwAIBSOJIgBC
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-bne12522-BNE
x-timer
S1661073731.428076,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 8D7E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9mMWY5MGU1MS0yNjUwLTRjZmQtOTE5Zi1jMTliYjllYWNhNGU=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8770 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101319
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:22:11 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 13:30:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 3C18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 21 Aug 2022 09:22:11 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 0376 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.112.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-112-134.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 21 Aug 2022 09:22:11 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame B324
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YwH5QMCo8YUAAOViAlAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YwH5QMCo8YUAAOViAlAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Aug 2022 09:22:11 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YwH5QMCo8YUAAOViAlAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
9
X-SO-Cluster-ID
21
X-SO-HostName
a-ad40195.dc2p.scaleout.jp
X-SO-IP
103.209.254.5
X-SO-Key
YwH5QMCo8YUAAOViAlAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":21,"gdpr":false,"ipv4":"103.209.254.5","key":"YwH5QMCo8YUAAOViAlAAAAAA","privacy_sensitive":false,"uid":"YwH5QMCo8YUAAOViAlAAAAAA","upstream_id":"a-ad40195"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-UID
YwH5QMCo8YUAAOViAlAAAAAA
X-SO-Upstream-ID
a-ad40195
usersync
usersync.gumgum.com/ Frame 48CC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YwH5P6jl3HQWy3adPjXdYgAA%26887
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YwH5P6jl3HQWy3adPjXdYgAA%26887
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e24d834f725aa0-MEL
content-length
0
date
Sun, 21 Aug 2022 09:22:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YwH5P6jl3HQWy3adPjXdYgAA%26887
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymJGTd%2F%2BRxKkf9eFR8VUJ16IemlNWjV36hhK16KJ%2BlR5ub8b9OCAha839wWRXbxGrQLw%2BlT%2BPPvIyNcOTomYQNhzUlNJe6uX49OckOlg8q1heOBB42Saq6LFcK9sj4EYdq3NDXndf7T9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 5144
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=dRofJNyj00kklMRai5ve&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=dRofJNyj00kklMRai5ve&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 Aug 2022 09:22:12 GMT Sun, 21 Aug 2022 09:22:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=dRofJNyj00kklMRai5ve&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame DDAE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:22:11 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Aug 2022 09:22:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 1C2B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:22:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80645
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Mon, 22 Aug 2022 07:46:16 GMT
async_usersync
ib.adnxs.com/ Frame 7E9D 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:11 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a25db7d-a702-4094-85fd-a2538f6c5c3c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1C2B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L734EPFT-1K-M6X4
  • https://ads.servenobid.com/sync?pid=323&uid=L734EPFT-1K-M6X4
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L734EPFT-1K-M6X4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L734EPFT-1K-M6X4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
match
c1.adform.net/serving/cookie/ Frame 7FA6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 21 Aug 2022 09:22:12 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 21 Aug 2022 09:22:11 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame 3A6D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ef66301-f940-4b00-ac3f-b249d156aa03&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Sun, 21 Aug 2022 09:22:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Sun, 21 Aug 2022 09:22:12 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
SPug
image4.pubmatic.com/AdServer/ Frame 483E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwH5QwAIBSOJIgBC&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Sun, 21 Aug 2022 09:22:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Sun, 21 Aug 2022 09:22:12 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
setuid
x.yieldlift.com/ Frame E7FE 		0
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.20.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-20-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F93B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rh_HmyT-TQWd90sBQ1-uOA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=101319
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 22 Aug 2022 13:30:50 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame F93B
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6e2b1bd1382c36b58d514944c9cba286f324b36f0537ca206b5592a24ed74884791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2ZTJiMWJkMTM4MmMzNmI1OGQ1MTQ5NDRjOWNiYTI4NmYzMjRiMzZmMDUzN2NhMjA2YjU1OTJhMjRlZDc0ODg0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2ZTJiMWJkMTM4MmMzNmI1OGQ1MTQ5NDRjOWNiYTI4NmYzMjRiMzZmMDUzN2NhMjA2YjU1OTJhMjRlZDc0ODg0NzkxNDI2YjU0MTdkY2UyMRAAGgwIw_KHmAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=51434540-3893-413d-8a6a-8ab6833a98fe
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=51434540-3893-413d-8a6a-8ab6833a98fe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:22:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=51434540-3893-413d-8a6a-8ab6833a98fe
date
Sun, 21 Aug 2022 09:22:12 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame F93B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ef66301-f940-4b00-ac3f-b249d156aa03
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ef66301-f940-4b00-ac3f-b249d156aa03
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 21 Aug 2022 09:22:11 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ef66301-f940-4b00-ac3f-b249d156aa03
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Aug 2022 09:22:10 GMT
/
onetag-sys.com/match/ Frame F93B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDYxRkM3OUItMjRGRS00RDA1LTlERjctNEIwMTQzNUZBRTM4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
date
Sun, 21 Aug 2022 09:22:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame F93B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMUzImp6vMmt55gFszjFnsw&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
date
Sun, 21 Aug 2022 09:22:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame F93B
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CF7483954E1940709E69873CC72091EC
42 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CF7483954E1940709E69873CC72091EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 21 Aug 2022 09:22:11 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CF7483954E1940709E69873CC72091EC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Aug 2022 09:22:11 GMT
461FC79B-24FE-4D05-9DF7-4B01435FAE38
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F93B 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/461FC79B-24FE-4D05-9DF7-4B01435FAE38?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.147.141 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-147-141.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame F93B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nN9b629E2uXwfvKt0oyvEpxq0T40s10-~A&gdpr=0&gdpr_consent=
date
Sun, 21 Aug 2022 09:22:12 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame F93B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7685986172581752304&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
date
Sun, 21 Aug 2022 09:22:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame F93B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=E8VZbkPPWjsIklFtR8dEZxfAWDoIx1prE5d2HxgL
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=461FC79B-24FE-4D05-9DF7-4B01435FAE38
date
Sun, 21 Aug 2022 09:22:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame F93B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1f3ab44-b55a-43a0-bc86-e25039be30dc&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b3e17a5-92e0-4399-9d31-33cf70c1789e&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 21 Aug 2022 09:22:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame DDAE 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:11 GMT
content-encoding
gzip
last-modified
Wed, 17 Aug 2022 13:55:35 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=80645
content-type
text/html; charset=UTF-8
content-length
9441
expires
Mon, 22 Aug 2022 07:46:16 GMT
usersync
usersync.gumgum.com/ Frame DDAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L734EPFT-1K-M6X4
  • https://usersync.gumgum.com/usersync?b=mag&i=L734EPFT-1K-M6X4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L734EPFT-1K-M6X4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:22:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L734EPFT-1K-M6X4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=8221&cid=1267558297.1661073726&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661073726&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&dt=%E7%89%B9%E6%96%AF%E6%8B%89%E5%89%B5%E8%BE%A6%E4%BA%BA%E9%A6%AC%E6%96%AF%E5%85%8B%E5%86%8D%E6%8E%80%E8%A9%B1%E9%A1%8C%E3%80%80%E7%99%BC%E6%96%87%E7%A8%B1%E5%B7%B2%E5%88%AA%E9%99%A4%E6%8E%A8%E7%89%B9%E5%B8%B3%E8%99%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F93B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8770 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60314097&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cd3920c9a13d5bbcd08030f407e46843e8c43dadede59963f164369252fa1dc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:14 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame BD11 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:15 GMT
Pragma
no-cache
Server
nginx
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame ED67 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:22:13 GMT
expires
Sun, 21 Aug 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
742563
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 9047
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wraagdkjfj6
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sun, 21 Aug 2022 09:22:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 21 Aug 2022 09:22:15 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame B4C5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:i5DgjOCl1OpH9R5&gdpr=0&gdpr_consent=
42 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:i5DgjOCl1OpH9R5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Aug 2022 09:22:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Aug 2022 09:22:14 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:i5DgjOCl1OpH9R5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2397
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004&rndcb=8136756405
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5b3e17a5-92e0-4399-9d31-33cf70c1789e&google_hm=NWIzZTE3YTUtOTJlMC00Mzk5LTlkMzEtMzNjZjcwYzE3...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOtdzi83siBMmLYPm1VIdC8&google_cver=1&ssp=adconductor&bsw_param=5b3e17a5-92e0-4399-9d31-33cf70c1789e
  • https://sync.1rx.io/usersync/bidswitch/5b3e17a5-92e0-4399-9d31-33cf70c1789e?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Aug 2022 09:22:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sun, 21 Aug 2022 09:22:16 GMT
etag
RXf8cecbd298a84ab68b443afcad6adac4004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pxd
dps.jp.cinarra.com/ Frame E85E 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.41.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-41-24.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sun, 21 Aug 2022 09:22:15 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame B194
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bea001d0-2132-11ed-80b9-9113a8cf3a64
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.120.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-120-195.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 21 Aug 2022 09:22:15 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

content-length
216
content-type
text/html; charset=utf-8
date
Sun, 21 Aug 2022 09:22:15 GMT
location
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 6583 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=461FC79B-24FE-4D05-9DF7-4B01435FAE38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 21 Aug 2022 09:22:14 GMT
Expires
0
Pragma
no-cache
info2
uipglob.semasio.net/pubmatic/1/ Frame 8770
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=461FC79B-24FE-4D05-9DF7-4B01435FAE38&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=461FC79B-24FE-4D05-9DF7-4B01435FAE38&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=461FC79B-24FE-4D05-9DF7-4B01435FAE38&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
119.9.108.191 Central, Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:14 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:14 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=461FC79B-24FE-4D05-9DF7-4B01435FAE38&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 8770
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.140.96.174 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-96-174.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.29.35
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.20.70
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 8770
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=461FC79B-24FE-4D05-9DF7-4B01435FAE38
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dacf31c4-42ff-498d-bd87-3afb89966d1e%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=dacf31c4-42ff-498d-bd87-3afb89966d1e%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=dacf31c4-42ff-498d-bd87-3afb89966d1e%2C
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:14 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&ttd_puid=dacf31c4-42ff-498d-bd87-3afb89966d1e%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
ImgSync
image8.pubmatic.com/AdServer/ Frame 8770
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1756822123006844034
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7685986172581752304
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 21 Aug 2022 09:22:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 8770
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3418254032047919557&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7685986172581752304
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 21 Aug 2022 09:22:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8770
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=731f7eedf1ea1fff&is_secure=true&networkId=17100&version=1&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXg0q_j2TDgNeZwz4AAAAAAA&expiration=1661160135&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXg0q_j2TDgNeZwz4AAAAAAA&expiration=1661160135&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXg0q_j2TDgNeZwz4AAAAAAA&expiration=1661160135&nuid=461FC79B-24FE-4D05-9DF7-4B01435FAE38&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 8770 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:22:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dc_oe=ChMImK7Y683X-QIVT82PCh2OiQjCEAAYACDVrdpRQhMIvaSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073739132;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B610 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImK7Y683X-QIVT82PCh2OiQjCEAAYACDVrdpRQhMIvaSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073739132;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI0Y7Z683X-QIVAjmPCh2Cyge9EAAYACDcht1RQhMIvqSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073739133;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D21B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0Y7Z683X-QIVAjmPCh2Cyge9EAAYACDcht1RQhMIvqSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073739133;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImK7Y683X-QIVT82PCh2OiQjCEAAYACDVrdpRQhMIvaSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073749131;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame B610 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImK7Y683X-QIVT82PCh2OiQjCEAAYACDVrdpRQhMIvaSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073749131;eid1=2;ecn1=0;etm1=10;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI0Y7Z683X-QIVAjmPCh2Cyge9EAAYACDcht1RQhMIvqSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073749133;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame D21B 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0Y7Z683X-QIVAjmPCh2Cyge9EAAYACDcht1RQhMIvqSk683X-QIVZY_mCh2RNg8w;met=1;&timestamp=1661073749133;eid1=2;ecn1=0;etm1=10;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/te-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:22:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEwNzM3MjQzNjgsInBhY2tldElkIjoiMDAwMEE3MDEtYjRjMjkwNWQtYmIwNy00YmMxLWI3YjMtNGQyMzUyNmJhNDE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RlLXNpLWxhLWNodWFuZy1iYW4tcmVuLW1hLXNpLWtlLXphaS14aWFuLWh1YS10aS1mYS13ZW4tY2hlbmcteWktc2hhbi1jaHUtdHVpLXRlLXpoYW5nLWhhby5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEwNzM3MjQzNjksInBhY2tldElkIjoiMDAwMEE3MDEtYjRjMjkwNWQtYmIwNy00YmMxLWI3YjMtNGQyMzUyNmJhNDE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RlLXNpLWxhLWNodWFuZy1iYW4tcmVuLW1hLXNpLWtlLXphaS14aWFuLWh1YS10aS1mYS13ZW4tY2hlbmcteWktc2hhbi1jaHUtdHVpLXRlLXpoYW5nLWhhby5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEwNzM3MjQzNjksInBhY2tldElkIjoiMDAwMEE3MDEtYjRjMjkwNWQtYmIwNy00YmMxLWI3YjMtNGQyMzUyNmJhNDE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RlLXNpLWxhLWNodWFuZy1iYW4tcmVuLW1hLXNpLWtlLXphaS14aWFuLWh1YS10aS1mYS13ZW4tY2hlbmcteWktc2hhbi1jaHUtdHVpLXRlLXpoYW5nLWhhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEwNzM3MjQzNzQsInBhY2tldElkIjoiMDAwMEE3MDEtYjRjMjkwNWQtYmIwNy00YmMxLWI3YjMtNGQyMzUyNmJhNDE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RlLXNpLWxhLWNodWFuZy1iYW4tcmVuLW1hLXNpLWtlLXphaS14aWFuLWh1YS10aS1mYS13ZW4tY2hlbmcteWktc2hhbi1jaHUtdHVpLXRlLXpoYW5nLWhhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEwNzM3MjQzNzYsInBhY2tldElkIjoiMDAwMEE3MDEtYjRjMjkwNWQtYmIwNy00YmMxLWI3YjMtNGQyMzUyNmJhNDE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RlLXNpLWxhLWNodWFuZy1iYW4tcmVuLW1hLXNpLWtlLXphaS14aWFuLWh1YS10aS1mYS13ZW4tY2hlbmcteWktc2hhbi1jaHUtdHVpLXRlLXpoYW5nLWhhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
ad.audience73.com
URL
https://ad.audience73.com/adx_sync?google_gid=CAESEI-MqI8ja7-4PL08KT_ilzg&google_cver=1&google_push=AehlK4DfF9KYGMW_bWIgmkhVsE2eLEiJAU4aulpavNgv-Nrvp7CYRrrzJBzEbby20AIxEuTKSJHPYWApOHmETv8jF0I6k6tS3yRwC1fe1l5GpYsYo0LLwm44Y0KvSGki39XFpojfkXmx1kyv
Domain
ps.eyeota.net
URL
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| adRecover number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery string| currentState function| jqAlias object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| listeningFors number| 3pla object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_127 object| Criteo_prebid_127

202 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ5NLW_aswCgoIgQIQ5NLW_aswCgoI4gEQ5NLW_aswCgoI5gEQ5NLW_aswCgoIhwIQ5NLW_aswCgkICRDk0tb9qzAKCQg6EOTS1v2rMAoJCAsQ5NLW_aswCgoIjAIQ5NLW_aswCgkIXxDk0tb9qzA=
.aralego.com/ Name: sspid
Value: 3da8f625-a9c4-3539-8f91-b48c939b24e5
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: b80b062c-eb1f-4d8b-9afd-722c7b5653d8
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 37bf3bdf-65a0-4368-8a8d-c5f45f861f5c
.bg3.co/ Name: __gpi
Value: UID=000008d5c52495a3:T=1661073724:RT=1661073724:S=ALNI_MbsFIIzU854OQ649Yw15iZ9QhwnvQ
.openx.net/ Name: i
Value: 37bf3bdf-65a0-4368-8a8d-c5f45f861f5c|1661073724
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwvfKHmAY4AUABSAEQvfKHmAYYAA..
.adnxs.com/ Name: uuid2
Value: 7685986172581752304
.teads.tv/ Name: tt_viewer
Value: e5478b69-c55c-42cd-83a1-d339e1f2376e
.prebid.a-mo.net/ Name: __amc
Value: 1_1661073725_1661073725
.a-mo.net/ Name: amuid2
Value: 39fcf0e9-8d6a-4a8f-a40a-f2578cbea260
.prebid.a-mo.net/ Name: sd_amuid2
Value: 39fcf0e9-8d6a-4a8f-a40a-f2578cbea260
www.bg3.co/ Name: cto_bidid
Value: DrC2wF9lenFNN2FnT3AxJTJCc1B0SnROSjA5eUIxdmMxZ1doUVUzT2hhOW5PN2Q0aTElMkZDRTVNYWpTNkdseDZteW1QeEpTOVd3JTJCYWp1JTJGJTJGR1p3STJDOVVYaE1rUlElM0QlM0Q
www.bg3.co/ Name: cto_bundle
Value: K3zLQl84YU5TRHdYZyUyRkpKdVpzZWJhTWEzbGtTdCUyQmlkaWlFbFkyemRDZzQ3STJoWFgxMWt6Y29JeElZc1RndGt5a3ZCM1RrVTgxNWJhVkQyaTRwNEpIVmpJQTlHJTJCQjhIOWVUT1hRJTJCYlhVZTlhdSUyQmclM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUmvseLb8gZXSR4QbUM0ZR21XEVdjPuWluuW-1t6TRvN6Dk8UEkAaApJWDf82bI
.rubiconproject.com/ Name: khaos
Value: L734EPFT-1K-M6X4
.quantserve.com/ Name: mc
Value: 6301f93d-d82b1-8261e-1346a
.bg3.co/ Name: __qca
Value: P0-176178162-1661073725705
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1661073726.1.0.1661073726.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1267558297.1661073726
.bg3.co/ Name: __gads
Value: ID=90023be74548c829:T=1661073724:S=ALNI_MZ26cw_Lo8XGpEA8toBMNbaXr6CkQ
.casalemedia.com/ Name: CMPS
Value: 887
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2InA<hNz=!@wnfH8K6pQK`!5=E<*L5?%Ln6<L8=fzm492aemx3]-:Pl!MZzAcd=0u+1__%nugO%v4VB%noU[*>oNK
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d2ff6dca-a008-434b-8965-d75b803d1ef2"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2359:u=1:x=1:i=1661073727:t=1661160127:v=2:sig=AQFOXBMt8Ik9_d8EIKGom33_yYJQQH9F"
.sharethrough.com/ Name: stx_user_id
Value: 03e5f367-016e-45cf-9e87-cb3ea660e757
.media.net/ Name: visitor-id
Value: 3040753271530168000V10
.adsrvr.org/ Name: TDID
Value: 7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
.inmobi.com/ Name: idsp_c
Value: 5591a527-ea81-4388-8b38-2dec0e3f6d6a
.media.net/ Name: data-g
Value: CAESEK1WgSDhf9lojynpKcTu7BQ~~6
.casalemedia.com/ Name: CMID
Value: YwH5P6jl3HQWy3adPjXdYgAA
.casalemedia.com/ Name: CMPRO
Value: 887
.uncn.jp/ Name: t
Value: v_c650956d-6cd5-498a-8dd0-3ada2e37381e
.r-ad.ne.jp/ Name: r_ad_token
Value: 5059M800sBDGa007BmUN
.mathtag.com/ Name: uuid
Value: 1ef66301-f940-4b00-ac3f-b249d156aa03
.mathtag.com/ Name: mt_mop
Value: 4:1661073728
.media.net/ Name: data-ttd
Value: 7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a~~1
.yahoo.com/ Name: A3
Value: d=AQABBED5AWMCENhdxyr6RNKfBlGAzGjwNWQFEgEBAQFKA2MLYwAAAAAA_eMAAA&S=AQAAArEuFzd-z5z__q6NqHEurFM
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-635ada6b-2e87-444c-690a-f6779923511b.NhNu%2FCMopXyH70q7TCndRlJUHiL%2FxGbePR99lkCPons
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AY1raay6HRExpCvZ3mSNRG2fR_gU.x2cAOUX2bcKElaouFUnvPINwRZsIV8xox6AEzdZZRaM
.socdm.com/ Name: SOC
Value: YwH5QMCo8YUAAOViAlAAAAAA
.tribalfusion.com/ Name: ANON_ID
Value: aWnseFujieFo7YxU36x35NLYB0vS9PRXaEXqUmnGCv4fXZdYTnqIdsr9EDTB6F3fynVG4fP1jQhPtaAmdOKIu
.fout.jp/ Name: uid
Value: IhqAdOHnbtgMBQsgkljTHeVMrT4
.ad-m.asia/ Name: uid
Value: 12sTf9VlmvN
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A1908240396760235712
.uuidksinc.net/ Name: jcsuuid
Value: Vx8NT4cZdhpu4AbxdNvT
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-21T09%3A22%3A09%22%7D
.openx.net/ Name: pd
Value: v2|1661073729|jElYiuvOiahI
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A1908240396760235712
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYxMDczNzI5fQ
.3lift.com/ Name: tluid
Value: 442145460521826048405
.openx.net/ Name: univ_id
Value: 537072971|7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a|1661073729778638
.turn.com/ Name: uid
Value: 3418254032047919557
.bidswitch.net/ Name: tuuid
Value: 5b3e17a5-92e0-4399-9d31-33cf70c1789e
.bidswitch.net/ Name: c
Value: 1661073730
.bidswitch.net/ Name: tuuid_lu
Value: 1661073730
.linkedin.com/ Name: li_sugr
Value: df6a7ade-e186-45b8-9d30-d1c75021f4a3
.casalemedia.com/ Name: CMST
Value: YwH5QmMB+UIA
.bing.com/ Name: MUID
Value: 0F2A35AF999566461E8F27A89885679E
.c.bing.com/ Name: MR
Value: 0
.casalemedia.com/ Name: CMRUM3
Value: 036301f94205a0&336301f94205a00&da6301f9422760&276301f9420b40&e66301f9422760&086301f94205a00&2d6301f94005a0CAESEPQ_TUGTtQ8JV6PELJJJSxo&496301f94205a0&826301f942a8c0&2e6301f94205a0&046301f94205a0&186301f94205a0&586301f94205a0&ce6301f94205a0&f16301f94205a0
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.ladsp.com/ Name: cr
Value: 1
.servenobid.com/ Name: pid_339
Value: y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
.servenobid.com/ Name: pid_337
Value: y-9Wn1bzBE2uH.Z8ZrwkpUQb6k84863QUqUT0Ajzw-~A
.smartadserver.com/ Name: pid
Value: 1893933702894523039
.servenobid.com/ Name: pid_312
Value: 7685986172581752304
.ladsp.com/ Name: smn_uid
Value: HPvQax4mnYDgADr4m9kXFA7FrgiIQrs
.ladsp.com/ Name: lum
Value: CITa1v2rMBIFCAMQ0AU
.servenobid.com/ Name: pid_333
Value: YwH5P6jl3HQWy3adPjXdYgAAA3cAAAIB
.gumgum.com/ Name: vst
Value: a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e
.csync.loopme.me/ Name: viewer_token
Value: 3582f438-f2f0-4cbd-b57f-2ed5d6e5268d
.servenobid.com/ Name: pid_318
Value: el3vdkUyYKMTzK2MpbORVdwb8qO8ZxDEWGwcEY5MdsI
.adsymptotic.com/ Name: U
Value: c196330926a7ee2fb3d08c5188d440d1
.sportradarserving.com/ Name: zuuid
Value: c1f3ab44-b55a-43a0-bc86-e25039be30dc
.sportradarserving.com/ Name: c
Value: 1661073730
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
.servenobid.com/ Name: pid_317
Value: 1893933702894523039
.mookie1.com/ Name: id
Value: 10529838142102681692
.mookie1.com/ Name: mdata
Value: 1|10529838142102681692|1661073731173
.mookie1.com/ Name: ov
Value: 6ddf1a196f95fc5088c26c2f59a7c6be
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_309
Value: a_f1f90e51-2650-4cfd-919f-c19bb9eaca4e
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwH5QwAIBSOJIgBC
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 461FC79B-24FE-4D05-9DF7-4B01435FAE38
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZoYG5sbmxoZG4AAPYr7XoQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTQGQnMjUzMTIxNjIT5DXRfzAMNs17IK1yDnKADfSVvbJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTQGQnMjUzMTIxNjIT5DXRfzAMNs17IK1yDnKADfSVvbJQAAAA
.smaato.net/ Name: SCM
Value: c73adda
.smaato.net/ Name: SCMsas
Value: c73adda
.zemanta.com/ Name: zuid
Value: hh-XwatS-qAYScs12pxc
.go.sonobi.com/ Name: __uis
Value: c4d3025e-e3c4-45fc-b549-55f08a384ada
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.sportradarserving.com/ Name: zuuid_lu
Value: 1661073731
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1661073731
.onetag-sys.com/ Name: OTP
Value: WBDUFU0IA20muqRd7rOWE-iM-y__3M-h1yU5a__H_rM
.quantserve.com/ Name: d
Value: EIoBDgH0JoEO-TA
.servenobid.com/ Name: pid_332
Value: f7e58d47-f487-435b-8128-b9bff81fc66b
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 3fca4e58-0e5e-47c6-9efe-80e9baadbaf0
beacon.lynx.cognitivlabs.com/ Name: ss
Value: rKPIJMwM1KMq9sTD3Pv7aix4o6o8%2BCD75Pb5LJiHZ%2BRM5qiJKooX4plw6p0LQDOwC%2BRnPjsgut%2FsxV9mD2nYEg%3D%3D
.tapad.com/ Name: TapAd_TS
Value: 1661073731567
.tapad.com/ Name: TapAd_DID
Value: dacf31c4-42ff-498d-bd87-3afb89966d1e
.bidr.io/ Name: bito
Value: AAHtkE7GA_MAABCb-k8k5Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.360yield.com/ Name: tuuid
Value: 456c2256-b84a-4193-8b48-6957e9dc86dc
.360yield.com/ Name: tuuid_lu
Value: 1661073731
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-E8VZbkPPWjsIklFtR8dEZxfAWDoIx1prE5d2HxgL&KRTB&19420-E8VZbkPPWjsIklFtR8dEZxfAWDoIx1prE5d2HxgL&KRTB&22979-E8VZbkPPWjsIklFtR8dEZxfAWDoIx1prE5d2HxgL&KRTB&23403-E8VZbkPPWjsIklFtR8dEZxfAWDoIx1prE5d2HxgL
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMUzImp6vMmt55gFszjFnsw&KRTB&22987-CAESEMUzImp6vMmt55gFszjFnsw&KRTB&23025-CAESEMUzImp6vMmt55gFszjFnsw&KRTB&23386-CAESEMUzImp6vMmt55gFszjFnsw
.servenobid.com/ Name: pid_324
Value: 1917759393972564243
.lijit.com/ Name: ljt_reader
Value: FLqSELZHWopT95PNT06HPN4M
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiMWFlNDhlYmItYjZlYS00Zjk4LTg0NmItYzEwNjI0MDcyOTYwIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMNzM0RVBGVC0xSy1NNlg0IiwiZXhwaXJlcyI6IjIwMjItMDktMDRUMDk6MjI6MTEuNzExMTY4WiJ9fSwiYmRheSI6IjIwMjItMDgtMjFUMDk6MjI6MTEuNzExMTY1WiJ9
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7685986172581752304&KRTB&23339-7685986172581752304
.dpm.demdex.net/ Name: dpm
Value: 48610867542467716460185217788939780863
.demdex.net/ Name: demdex
Value: 48610867542467716460185217788939780863
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.simpli.fi/ Name: suid
Value: CF7483954E1940709E69873CC72091EC
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiMzNhODg3OGYtMzE1NS00MzQ2LWJjNjEtZGU3NzY2YjU3ZDk0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yMVQwOToyMjoxMS40MTYzMDZaIn0=
.id5-sync.com/ Name: callback
Value:
.outbrain.com/ Name: obuid
Value: 21843643-9b16-414a-a12a-c1da196bc549
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YwH5QwAIBSOJIgBC&KRTB&22978-YwH5QwAIBSOJIgBC&KRTB&23194-YwH5QwAIBSOJIgBC&KRTB&23209-YwH5QwAIBSOJIgBC
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1ef66301-f940-4b00-ac3f-b249d156aa03&KRTB&16736-uid:1ef66301-f940-4b00-ac3f-b249d156aa03&KRTB&23019-uid:1ef66301-f940-4b00-ac3f-b249d156aa03&KRTB&23208-uid:1ef66301-f940-4b00-ac3f-b249d156aa03
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&KRTB&22918-7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a&KRTB&23031-7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a
.amazon-adsystem.com/ Name: ad-id
Value: AwaCLJmNs0McgrN1BElmgT0
.creativecdn.com/ Name: u
Value: dRofJNyj00kklMRai5ve
.creativecdn.com/ Name: ts
Value: 1661073731
.casalemedia.com/ Name: CMTS
Value: 909
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CF7483954E1940709E69873CC72091EC
.pippio.com/ Name: did
Value: 1jyVYY8bCiFqyrrl
.pippio.com/ Name: didts
Value: 1661073731
.pippio.com/ Name: nnls
Value:
.servenobid.com/ Name: pid_346
Value: ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
.servenobid.com/ Name: pid_310
Value: FLqSELZHWopT95PNT06HPN4M
.ipredictive.com/ Name: cu
Value: 03ac70cd-a13c-4652-9437-75cc783e5575|1661073732050
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5b3e17a5-92e0-4399-9d31-33cf70c1789e
.adform.net/ Name: uid
Value: 1756822123006844034
.mookie1.com/ Name: syncdata_TAP
Value: 1
.id5-sync.com/ Name: id5
Value: 0d52a993-6aa7-4309-9f55-2b08417d8d77#1661073731790#2
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~26pl:194o~26pl:18z8~26pl"
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJLuaus2GzwAiKB0+A8/5Oa+/5x9kDdZuoJf/MQpjYeQytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.smartadserver.com/ Name: csync
Value: 111:ID5-ZHMOyrXOb2lRi1tBs1MWuAnvtV-Ux37agxKfuwVO4g|133:c73adda
.contextweb.com/ Name: V
Value: xKjJLpkxNiQz
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1fng|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b85171b88e5043df
pool.admedo.com/ Name: tuuid
Value: 222a8f68-4816-43d8-8341-dd155b04d2a5
pool.admedo.com/ Name: c
Value: 1661073732
pool.admedo.com/ Name: tuuid_lu
Value: 1661073732
.pippio.com/ Name: pxrc
Value: CMTyh5gGEgQIAhAAEgYI7OsBEAA=
.servenobid.com/ Name: pid_323
Value: L734EPFT-1K-M6X4
.agkn.com/ Name: ab
Value: 0001%3APDVqtimjeebPgmJnCC%2FfCejdpAjvmIDV
.linksynergy.com/ Name: rmuid
Value: 51434540-3893-413d-8a6a-8ab6833a98fe
.linksynergy.com/ Name: icts
Value: 2022-08-21T09:22:12Z
.mookie1.com/ Name: syncdata_NEU
Value: 1
.rlcdn.com/ Name: rlas3
Value: eyW3atRoR8dRrKt0/M8wy9f/VKs20JpIBpf68qE+dJ8=
.rlcdn.com/ Name: pxrc
Value: CMPyh5gGEgUI6EcQABIPCJC8KxD///////////8B
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004%22%7D
.pubmatic.com/ Name: DPSync3
Value: 1662249600%3A197_226_245_201%7C1661644800%3A164_248%7C1661126400%3A174
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCJjTkYSV2IE7EAUSFgoHcnViaWNvbhILCNb3qoWV2IE7EAUSFQoGY2FzYWxlEgsImpaTiJXYgTsQBRIXCghwdWJtYXRpYxILCPT3sZGV2IE7EAUSFAoFdGFwYWQSCwiQqLuwldiBOxAFGAEgASgCMgsIkKC-3avYgTsQBTgBWgV0YXBhZGAC
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3418254032047919557&KRTB&23150-3418254032047919557
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1756822123006844034&KRTB&23263-1756822123006844034
.ambientdsp.com/ Name: _aGeoIp
Value: HK-Hong_Kong
.ambientdsp.com/ Name: _aUID
Value: wraagdkjfj6
.adgrx.com/ Name: ADGRX_UID
Value: bea001d0-2132-11ed-80b9-9113a8cf3a64
.pubmatic.com/ Name: pi
Value: 0:3
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5601
.semasio.net/ Name: SEUNCY
Value: BE92446C8250497F
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-wraagdkjfj6
.w55c.net/ Name: wfivefivec
Value: i5DgjOCl1OpH9R5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: aee6d4d5215c1964237d10363cc0b0aa
.dotomi.com/ Name: DotomiTest
Value: 731f7eedf1ea1fff
ads.playground.xyz/ Name: connect.sid
Value: s%3AtHjHxSKZrCp78bdt7Ag0Ngn7wJ64bWyi.GD3qNbFPn5K6jMuTPioMHOTaXracf32v8NDqrFvsoyU
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-bea001d0-2132-11ed-80b9-9113a8cf3a64&KRTB&23275-bea001d0-2132-11ed-80b9-9113a8cf3a64
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:i5DgjOCl1OpH9R5
.pubmatic.com/ Name: SyncRTB3
Value: 1662249600%3A22_179_13_8_21_165_3_71_7_54_204_99_5_189_56_107_220_247%7C1661904000%3A63%7C1661644800%3A223_2_15%7C1662336000%3A35
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALXg0q_j2TDgNeZwz4AAAAAAA&KRTB&22713-AAALXg0q_j2TDgNeZwz4AAAAAAA&KRTB&22715-AAALXg0q_j2TDgNeZwz4AAAAAAA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004&KRTB&17107-RX-f8cecbd2-98a8-4ab6-8b44-3afcad6adac4-004
.pubmatic.com/ Name: PugT
Value: 1661073736
.pubmatic.com/ Name: SPugT
Value: 1661073736
.mediarithmics.com/ Name: mics_vid
Value: 28829868969
.mediarithmics.com/ Name: mics_uaid
Value: web:1:a6aa3428-0c95-4639-8a28-6e9e513e544c
.mediarithmics.com/ Name: mics_lts
Value: 1661073736737
.id5-sync.com/ Name: 3pi
Value: 2#1661073733243#-778795296#7685986172581752304|18#1661073737090#-366800811|3#1661073733793#1782331762#1ef66301-f940-4b00-ac3f-b249d156aa03|102#1661073732663#-1122453102|264#1661073734245#-1171207308#7fa88d97-1fe9-4cf9-8dc1-6a2e930f7c6a|155#1661073738091#-133480779#AAHtkE7GA_MAABCb-k8k5Q
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.eyeota.net/ Name: mako_uid
Value: 182bfb5cc84-538c000001085bec
.eyeota.net/ Name: SERVERID
Value: 23532~DM

6 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fte-si-la-chuang-ban-ren-ma-si-ke-zai-xian-hua-ti-fa-wen-cheng-yi-shan-chu-tui-te-zhang-hao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EvdGUtc2ktbGEtY2h1YW5nLWJhbi1yZW4tbWEtc2kta2UtemFpLXhpYW4taHVhLXRpLWZhLXdlbi1jaGVuZy15aS1zaGFuLWNodS10dWktdGUtemhhbmctaGFvLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://ad.audience73.com/adx_sync?google_gid=CAESEI-MqI8ja7-4PL08KT_ilzg&google_cver=1&google_push=AehlK4DfF9KYGMW_bWIgmkhVsE2eLEiJAU4aulpavNgv-Nrvp7CYRrrzJBzEbby20AIxEuTKSJHPYWApOHmETv8jF0I6k6tS3yRwC1fe1l5GpYsYo0LLwm44Y0KvSGki39XFpojfkXmx1kyv
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14247d44765c4ef64af988c3254350b9.safeframe.googlesyndication.com
27e0171b72eac250f1df76f777bb910a.safeframe.googlesyndication.com
8c8641eaa5df0bc1d8f41b2ac9620311.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.audience73.com
ad.turn.com
ade.googlesyndication.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1-sindc1.zemanta.com
b1sync.zemanta.com
b1t-sindc1.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csm.as.criteo.net
csync.loopme.me
d-14199441001193768644.ampproject.net
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
ps.eyeota.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.sg1.as.criteo.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.fout.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.mathtag.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
warp.media.net
widgets.outbrain.com
widgets.zemanta.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
zem.outbrainimg.com
ad.audience73.com
e3.adpushup.com
hb-api.omnitagjs.com
ps.eyeota.net
103.229.10.180
103.229.205.243
103.229.206.241
103.231.98.194
103.231.98.196
104.16.89.20
104.17.25.14
104.18.100.194
104.18.12.76
104.18.18.126
104.18.19.126
104.19.172.108
104.211.156.162
104.254.151.68
104.254.151.69
104.26.5.103
104.45.178.220
104.69.148.168
104.83.196.24
104.83.197.63
106.10.236.40
107.178.244.193
107.178.254.65
108.138.36.84
119.9.108.191
124.146.215.3
124.146.215.42
13.107.42.14
13.112.54.241
13.114.41.24
13.115.228.100
13.115.89.75
13.227.254.108
13.227.254.51
13.228.139.136
13.231.81.146
13.250.207.233
13.251.219.40
13.33.33.38
13.33.88.20
13.33.88.34
139.99.49.250
141.148.45.191
142.251.10.147
142.251.10.155
142.251.12.132
142.251.12.149
142.251.12.154
142.251.12.94
145.40.88.5
148.251.44.111
151.101.66.132
151.101.66.49
169.197.150.7
172.217.194.157
172.217.194.94
172.64.152.245
172.67.72.16
174.137.133.49
18.138.158.87
18.138.18.111
18.140.96.174
18.176.241.222
18.177.11.95
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.141
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
184.87.200.196
184.87.200.25
184.87.201.3
185.184.8.90
185.84.60.20
198.8.71.129
199.232.46.132
202.131.200.84
202.232.238.37
204.79.197.200
209.191.163.209
209.191.163.210
209.58.171.197
216.239.34.178
23.106.127.38
23.106.127.39
23.108.101.160
23.53.160.138
23.72.44.196
23.72.45.76
23.9.185.218
3.1.169.35
3.82.84.88
31.220.27.134
34.102.253.54
34.107.148.139
34.124.209.251
34.198.200.28
34.98.67.3
35.190.60.146
35.213.12.39
35.213.93.179
35.227.202.26
35.244.159.8
35.71.131.137
35.71.178.8
42.99.128.161
42.99.140.144
44.195.112.134
50.116.239.135
50.31.142.255
52.0.153.146
52.193.120.195
52.205.37.96
52.212.135.106
52.46.128.147
52.74.13.196
52.77.147.141
52.88.128.19
52.94.220.185
54.174.20.147
54.238.123.46
54.249.253.250
64.120.88.131
66.225.223.95
67.199.150.82
67.199.150.85
67.199.150.86
69.16.175.42
69.173.144.165
69.173.158.64
69.173.158.65
72.247.81.112
72.34.250.75
74.118.186.45
74.125.200.156
74.125.200.95
74.125.200.97
74.125.24.155
74.125.68.155
74.125.68.156
74.214.196.131
8.43.72.97
84.17.37.44
89.207.22.76
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
01a8dae77651a8899acd413f39b00636042d47a39f9f251626f71f9fd49c8410
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
045d9f2d3c3ca2e3f613ad48cb3da62b4f29351f181acb9c1a381007556d2268
04724be875e6e6f5ca0e9e9e044ee7e199820365584b4333079c56db00bb15a2
04dd30be55e6d70ef1aa0830c31518005a23db403197cec2c5e7f55db8fab637
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe3a339dce9f0599a961a0562139acac9160b7617f912704f9a9d794263c80
0a05de643ac8c608138f3eda57b0efb0d59285892f4e2f26840f50abdc26fd8f
0a6138ea0db2ad80451df7fb182cccf8d0598dc9641a9fdbfb5aa5861dc3cfc5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c62b7ba635a97ceda7194355e506b35c7ad88bd1dc7e981d973d6fc8659e5ca
0c68f1fca1bf8f8f75606c189c6e78e74046307f4cc90e14ef50b4a7e3ebe7a8
0c9aa48a9dff744077cecac94c091930d9495b118a53160a65090bc8e1ae37fc
0e6fec1d5fc0b781ed6c0447bcf2f7e55ace90f19ec1b8b58d1800fd2160a37a
0f188c53aefc1be7e574d4c8d0a2e5107a2381eea0d3558b57cce87463f89543
11e824e773da306f35ebfbc341f1437af0eed1167dbe4053c6e68dfc0bbf1beb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15f36ec0bec053a1d7c6d9b3e5913a3f92df84466458c3d662e60bfd94cbf1d3
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a6217dcc2afc2b07536c722a693916c87397b741db6f23e1c399f607127be3f
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f81904ff710efe37490baba856731f5ba0eb6c8e632b46a1f6ac46c07c5aac5
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
22bda836176f4588d117df13e6917425045837d29fefe7eb2acc6d727f586afb
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a0f293420259a5311c1ee4eebec0c6318fc0afcdbb46649e913cc2e0faa1704
2b228c5f8c00ed84b7e44f3e0bfba3fa0b050d39bca08194e70bed45d61ce87a
2c24be0dc33e4732d9c2db83132ee72761d96ac41eda9c5bf34d7447cca18098
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
317b79a5d03cd485290b06141265e845858b4ac2500f048caaedef9df06ceeb6
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
344e02c0e49e58ad7c4726c954b00243760f2301e49f004d008f494a89510710
3569b93e6740e1a601fccccb01da9b5bce280f4e8f4bf1baca090b3fef3ca3f3
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c5a92e9a4da7e3cf56a01470b69bc321b6ec7168b8cb57a8e7d636e5d55b76b
3c78e1f3c026d67b2e87f49275494c86bdb90b8418069434879f786dc5008965
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42406888614f5578e2585d3a467f266f367f688782c680b0f50c71c13639707c
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4873f1af4037d7fa5a5150c6dc4a9af05d7436c2e85f908e886336c9ee300385
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ae4030323ae233382f7227369996929cf1ab6c3c8c5945e9c60adf3eb2a9a61
4afac04c5fd0b8d418ba0f07626755756e3d1808cbd0f1d436a103ddfaf444ce
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
4cad284af8a652ca54f297d9301d7aaf0f4d9516bfe07b50ec195cd69f89f96b
4d9fe5d575b54eb27c1d32effb8b2c365bd4006c0c032d24bfcbe232e3ea5bef
4dc3ce86228cfece3b66864c9d22a3ee64ffdb1fab21b3ba51a6d0d22febb3f9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ccd4abe0459936a0f89490d62446ecb39a77d0a5670ba9be301a3f0bc558ec
56e0b7751b461497ec69a113a3ab603d53085f7fc4a24aa8058fdc9b4fa3fc62
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5792b4b79e75727b85159ca802c90876cdec67c054cfd0b3643cb6ccbdae6cf7
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5bff20a5b35dde45e781a21efd388606d61ab121062ea006a17bdec608be850c
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
5f8947828d20f8ab59e7c5e277ded685a0b701d5578ef9a969baeba8ed66415a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
655529424911b8254cecc74a8c3211f95dc2240d8d6b1c1c96e92093e53e75bd
662b8225c47e6ce0cb4ab692c754a26260e9d08a02332b21acf2dcf4b11ae609
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6717a0a1f8f403ffa64074e07cfa31ab2346dfecbba212cbc69b4481cf00a1b0
69e8c4c95fb9f73d6b2f92abccbdf535308533079c5385ffb3f12f423f7b0524
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
71180d5890635db2b00f1c9716e29f45d6b71d0897ecce57083d717abe12344f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73d39859c7cd0f5a031e4530a0a9f0b8ad5170f50fa919221e4ff79e11c109ce
74509b738f8c3828a0e58dbd0f7badaceeaf7e9513586cf57732fe24ef839a5a
7625582929e58467c1010bd042ea0359fa27e9ce530821428be745af852102fd
76c183c04077fce70fc2db1992cb7c178c323d5a9ba54300fa3d773b50e2a1af
7702f4f6e539dd4050266261a23c34d40f406f96bde4912d9668d8ebc224f61f
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c
78064e1e2f596740c54673b4f62303f0596648c6308a02a94e8006ff724694bc
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aa5aed44c586034cb5f6807292dbb5b2a23a5d1c24c43383e2884e446c93fd1
7b42b1c573fd6efc899a7c99ccb0c1f487892ed24687f22d60f93b52e8583227
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
7ead6e6f4bab8ffec6ff2977b511fa6d74ea5092687e73a62aecf5c2941eed8a
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f171095c097d81c123f18d59fd2519fcfc7272b81bb62bd4535a3c19b5bb5e0
81bbe82990797944af3bb75e9f2b19fea5e892d550c6407ac8ff6311b331959c
81bece4632174e64919595df99efe1e9dd950304aefd12fd3eb08fce68f4760f
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82ef5d0df1b613c45aebf7285049a4b72e5fc48d19145a6318fe5f70d25a8443
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
83eb7cf112efa3bd3098d99307a8b8b7997af33a8e80f69bbf37da54530a4c6e
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
84f891f6d2e72cf7026a272b6dc70a81bbb8af731a28c5fc97d086ea9abd1502
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
863cd8fa1c2160463b44c65a419195500af58459c71d7bdc7d1e6f9b8ac33671
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
876037e1d211d367908afbced450a9fc5269f2cb81dd460fc3658a4431d36187
88c986111a2c9a7d3c850c287bfed80bc469d593de7769fc6cd8eaf698a4220c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8c10396c8a95a902b6bbbc9e3f7576627dff1d27d3e0ce5a26e918d6da4ddb97
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92e18194d466af008a538a06faab82d620ecb7ffa5a2986cc53fd8aaee8e7119
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96a5b1bfa627e17a16d63df1b840918e9898b47d3a3b9006cce89818ec7590ce
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1d364683bafd44cef44405cd77f9dbe405c2795d589407f22141224648ff72
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a187a330f0cc465b995180b65ef92a7bc481149aa186e83e8099fd10acc1cfe4
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b
aacced85d906dbfbb18f27313386349b928fff5490e123037ee24f83d312363c
ad553c8914341fa2e36b85250a3e5d13ab0fa097791225eebb3cb524f66a7858
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
afb64c0ac0ff75a8ede1c6c9d9cd7065b3bbf7f98b7bc25ab4079aa04354414f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b467d542a2d8664e6eef3a76d86d61d96b5af84fcb50e8a23b474521d8afd877
b5bb2c8d3f7d0320bda5e2d820442bcc4144a2daa48cdbb498696410dbd558c8
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce7b7a333407f4649b212295c4ae99cfc020e26db50d87e3c92138bcf0426a8
bfbe4083cd7f48a312e81db70959942348412dea1900bb643fc715e5c04d09df
c036bfd3c10e02cffe3cbb368cb6b454d95aee03f82c72defb3fe85281afd5de
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720
c4c7dc5e73a3832bbce5e40db2be9bbccf4880d8234c4d58b904cf6ef89839a1
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c53f4706b6959f19ff2d7b6ac019b91cb3eb325d8e5024c6613e226506d6d71e
c6b6141e373f4b8d9c8206df43914d4c154a449c99fc19cc8ce8ee3d3b2f26b8
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cd3920c9a13d5bbcd08030f407e46843e8c43dadede59963f164369252fa1dc1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
dd98325b703df4f13c3a2ebcb93a7726270304b854afc75f4d5dfe5f27852937
de02b286183f13e11ca5ae8dd08f80e11818b6a3ea4973b67d17e2e89bca0cce
de3577fb6836ce8196d135aec683780e913eb06cbeed2796e1049397d9e48dea
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0959d4af53e9f0f9a2d691de7c67c70a6b2a53fd8f6daaa67cd8ffb23e3405d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1501961a1545533c5bc8b1ebc433525d77ca1debb3e97232493c1acced04764
e218093a3e8d994d337993a3f5243d26eaecbce21b7aaed2a8eb10c88b309e36
e22106f370b5a68ae458629159ccfc7b6c0a6c8d76b272c8130df1c689b03632
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4004d6bddd788c79d1798b01706a2b54dd5f9afbf279619a4fe6c3a003e3ebd
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
e996bcadfd56d44d7d1e7875f53b0fa39e71db4aaffce98c4d896fc756c60fd1
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed0f520175b3c7bd82e9ff3b2ce4b7bf312f57a64241ed1ba1349c580cdbb451
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effc34da09dad7e8945dcbf18d7de3aea9dc30088a6484a204798e680663522d
f068ab743ca4ceb7679ed7cea8cb0de01b9e12040876589028c29b35062bee47
f0873b4a90a0c520dbc554d94a0268f9a68a6079bce22ced5498fe12836d9c62
f1f7753af419f8014dfe809978f84123b23a9dabdf3b27d05f001fad032e3097
f226f385bac548ae23f0e6e851126bfa62a823c582293a26acec5c57d62a9363
f4ada8a2dc4840022f93ca85a833c8e135a32aa392ec006612a6ce40db4bb278
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
fa0171d4efb65328150bc36ef873148854e83729df444f9570c761dcb2a25c03
fdbb68ce0799da05f4952b077678ab33e6f5de147af83b77a8572f448fe3c431
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e