urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-f...
Submission: On December 23 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 13 countries across 118 domains to perform 529 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 97625.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
25 142.251.10.132 15169 (GOOGLE)
2 56 172.217.194.157 15169 (GOOGLE)
1 3 209.58.188.181 133752 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
11 172.67.72.16 13335 (CLOUDFLAR...)
3 64.120.88.131 133752 (LEASEWEB-...)
3 74.125.68.155 15169 (GOOGLE)
3 142.250.4.157 15169 (GOOGLE)
24 74.125.24.157 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
3 142.251.12.100 15169 (GOOGLE)
2 99.86.20.78 16509 (AMAZON-02)
1 74.125.24.94 15169 (GOOGLE)
28 142.250.4.132 15169 (GOOGLE)
1 11 142.250.4.106 15169 (GOOGLE)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
8 8 103.229.205.242 30419 (MEDIAMATH...)
16 38 142.250.4.155 15169 (GOOGLE)
3 3 35.247.47.28 396982 (GOOGLE-CL...)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 52.55.14.74 14618 (AMAZON-AES)
7 9 52.74.13.196 16509 (AMAZON-02)
1 1 35.208.249.213 19527 (GOOGLE-2)
16 18 35.213.12.39 15169 (GOOGLE)
2 5 103.229.10.192 16509 (AMAZON-02)
23 182.161.73.129 55569 (CRITEO-AS...)
1 104.16.86.20 13335 (CLOUDFLAR...)
6 27 139.99.49.250 16276 (OVH)
3 13 35.244.159.8 15169 (GOOGLE)
1 23.207.181.47 16625 (AKAMAI-AS)
1 52.77.12.199 16509 (AMAZON-02)
3 9 104.18.33.19 13335 (CLOUDFLAR...)
1 145.40.88.5 54825 (PACKET)
1 35.213.117.18 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 54.68.229.26 16509 (AMAZON-02)
12 176.34.191.255 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
7 10 104.254.150.228 29990 (ASN-APPNEX)
3 54.65.181.45 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 182.161.73.132 55569 (CRITEO-AS...)
2 104.17.24.14 13335 (CLOUDFLAR...)
14 182.161.73.135 55569 (CRITEO-AS...)
4 182.161.73.142 55569 (CRITEO-AS...)
1 13.32.63.125 16509 (AMAZON-02)
1 3.233.146.122 14618 (AMAZON-AES)
2 172.253.118.95 15169 (GOOGLE)
1 172.217.194.148 15169 (GOOGLE)
1 3.104.150.39 16509 (AMAZON-02)
2 142.250.4.94 15169 (GOOGLE)
4 5 50.116.239.135 6336 (TURN-US-ASN)
16 17 35.71.131.137 16509 (AMAZON-02)
1 1 18.180.45.155 16509 (AMAZON-02)
4 7 13.250.177.10 16509 (AMAZON-02)
8 8 70.42.32.127 13789 (INTERNAP-...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
3 182.161.73.136 55569 (CRITEO-AS...)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 18.66.248.39 16509 (AMAZON-02)
4 14 23.9.185.218 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
4 11 35.71.178.8 16509 (AMAZON-02)
12 23.207.180.23 16625 (AKAMAI-AS)
2 2 202.241.208.54 4694 (IDCF IDC ...)
2 2 13.32.63.29 16509 (AMAZON-02)
1 3 69.173.144.165 26667 (RUBICONPR...)
8 14 69.173.158.64 26667 (RUBICONPR...)
1 3 23.106.127.39 59253 (LEASEWEB-...)
2 4 35.190.60.146 15169 (GOOGLE)
4 10 52.46.155.104 16509 (AMAZON-02)
19 22 67.199.150.82 62713 (AS-PUBMATIC)
2 2 198.8.71.130 54312 (ROCKETFUEL)
4 23.44.0.196 16625 (AKAMAI-AS)
14 14 74.118.186.44 26120 (RHYTHMONE)
1 22 13.112.54.241 16509 (AMAZON-02)
2 184.25.248.23 16625 (AKAMAI-AS)
3 3 52.76.76.143 16509 (AMAZON-02)
2 2 182.161.73.146 55569 (CRITEO-AS...)
1 1 146.0.227.110 29066 (VELIANET-...)
3 3 104.69.166.9 16625 (AKAMAI-AS)
3 3 18.158.185.48 16509 (AMAZON-02)
1 3 13.107.42.14 8068 (MICROSOFT...)
10 11 185.84.60.23 198622 (ADFORM)
1 204.79.197.200 8068 (MICROSOFT...)
2 3 52.94.223.167 16509 (AMAZON-02)
1 54.95.216.232 16509 (AMAZON-02)
2 3 23.106.127.52 59253 (LEASEWEB-...)
1 13.249.221.60 16509 (AMAZON-02)
3 3 209.191.163.208 32475 (SINGLEHOP...)
1 1 72.34.250.75 27630 (AS-XFERNET)
1 9 139.5.84.243 27381 (CASALE-MEDIA)
2 2 13.113.72.46 16509 (AMAZON-02)
5 6 151.101.66.49 54113 (FASTLY)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 172.64.154.237 13335 (CLOUDFLAR...)
3 103.231.98.196 62713 (AS-PUBMATIC)
4 4 104.254.151.60 29990 (ASN-APPNEX)
3 3 35.214.223.115 15169 (GOOGLE)
1 2 52.25.196.209 16509 (AMAZON-02)
1 23.106.69.73 59253 (LEASEWEB-...)
2 2 18.176.102.168 16509 (AMAZON-02)
17 28 103.231.98.194 62713 (AS-PUBMATIC)
4 23.106.127.53 59253 (LEASEWEB-...)
1 1 185.183.112.148 60350 (VP)
3 3 74.214.196.131 19189 (PULSEPOINT)
2 2 54.179.76.98 16509 (AMAZON-02)
2 2 69.173.151.100 26667 (RUBICONPR...)
3 3 35.227.202.26 15169 (GOOGLE)
3 4 107.178.244.193 15169 (GOOGLE)
1 1 18.161.216.87 16509 (AMAZON-02)
2 2 35.174.181.179 14618 (AMAZON-AES)
3 4 66.225.223.159 3949 (NTTA-3946)
2 2 98.98.134.243 21859 (ZEN-ECN)
1 1 54.235.189.154 14618 (AMAZON-AES)
1 150.136.26.45 31898 (ORACLE-BM...)
2 8.3.3.8 399183 (DEEPINTENT)
3 3 52.221.110.82 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.117 16276 (OVH)
1 54.209.56.33 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
25 3.234.66.158 14618 (AMAZON-AES)
1 1 18.138.18.111 16509 (AMAZON-02)
1 2 3.1.116.111 16509 (AMAZON-02)
1 2 119.9.108.191 45187 (RACKSPACE...)
3 103.231.98.195 62713 (AS-PUBMATIC)
2 2 35.213.93.179 15169 (GOOGLE)
2 2 203.195.121.142 7979 (SERVERS-COM)
1 1 8.2.110.134 46636 (NATCOWEB)
1 1 54.254.55.187 16509 (AMAZON-02)
1 1 67.202.105.23 32748 (STEADFAST)
1 220.150.223.50 ()
1 2 35.186.193.173 ()
1 18.179.187.167 ()
1 3.1.14.27 ()
1 2 104.18.25.173 13335 (CLOUDFLAR...)
2 2 89.207.22.105 ()
1 1 34.102.253.54 396982 (GOOGLE-CL...)
529 102
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
25    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com
72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
56    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.co.nz
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
11    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
3    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
partner.googleadservices.com
3    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
adservice.google.co.nz
24    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com
securepubads.g.doubleclick.net
www.googletagservices.com
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
7    13.76.45.37 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
3    142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net
www.google-analytics.com
2    99.86.20.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-20-78.blr50.r.cloudfront.net
adx.holmesmind.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
d-1132604523766099173.ampproject.net
28    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
11    142.250.4.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f106.1e100.net
www.google.com
2    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
2    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
8    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
38    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
cm.g.doubleclick.net
3    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
1    202.232.238.37 (Nishi-Tokyo-shi, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    52.55.14.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-74.compute-1.amazonaws.com
fksnk.com
9    52.74.13.196 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
18    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
5    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
23    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
27    139.99.49.250 (Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    23.207.181.47 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-47.deploy.static.akamaitechnologies.com
a.teads.tv
1    52.77.12.199 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-12-199.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
9    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    54.68.229.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-229-26.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
12    176.34.191.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
10    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    54.65.181.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-181-45.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
4    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    13.32.63.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-63-125.blr50.r.cloudfront.net
rules.quantcount.com
1    3.233.146.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-122.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
2    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
1    172.217.194.148 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net
s0.2mdn.net
1    3.104.150.39 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-150-39.ap-southeast-2.compute.amazonaws.com
www.adtrek.co
2    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
fonts.gstatic.com
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
17    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    18.180.45.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-45-155.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
7    13.250.177.10 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-177-10.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
8    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    18.66.248.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-39.dus51.r.cloudfront.net
public.servenobid.com
14    23.9.185.218 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
11    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
12    23.207.180.23 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.32.63.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-63-29.blr50.r.cloudfront.net
cr-p3.ladsp.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
14    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    23.106.127.39 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
10    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
22    67.199.150.82 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.44.0.196 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    74.118.186.44 (Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
22    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
2    184.25.248.23 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-248-23.deploy.static.akamaitechnologies.com
cs.media.net
3    52.76.76.143 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-76-143.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
3    104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    18.158.185.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-185-48.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
11    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
3    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.95.216.232 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-216-232.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
3    23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    13.249.221.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-221-60.blr50.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
3    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
9    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    13.113.72.46 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-72-46.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
6    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
3    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    104.254.151.60 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
3    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    52.25.196.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-196-209.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    23.106.69.73 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    18.176.102.168 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-102-168.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
28    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
4    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    54.179.76.98 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-76-98.ap-southeast-1.compute.amazonaws.com
sync.tidaltv.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
4    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
1    18.161.216.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-216-87.blr50.r.cloudfront.net
aa.agkn.com
2    35.174.181.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-181-179.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    66.225.223.159 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
sync.outbrain.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    54.235.189.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-189-154.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    8.3.3.8 (United States)

ASN399183 (DEEPINTENT, US)
match.deepintent.com
3    52.221.110.82 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-110-82.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    54.209.56.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-56-33.compute-1.amazonaws.com
cs.emxdgt.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
25    3.234.66.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-66-158.compute-1.amazonaws.com
cs.minutemedia-prebid.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    3.1.116.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-116-111.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
2    203.195.121.142 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    54.254.55.187 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-55-187.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    220.150.223.50 (None, )

ASN- ()
sync-dsp.ad-m.asia
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    18.179.187.167 (None, )

ASN- ()
dps.jp.cinarra.com
1    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    89.207.22.105 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
72 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com
72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
1 MB
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
524 KB
60 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 594
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
49 KB
41 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.as.criteo.net — Cisco Umbrella Rank: 15360
csm.as.criteo.net — Cisco Umbrella Rank: 14577
526 KB
37 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
eus.rubiconproject.com — Cisco Umbrella Rank: 529
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2005
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957
67 KB
27 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
13 KB
26 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3260
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4626
12 KB
23 gumgum.com
usersync.gumgum.com — Cisco Umbrella Rank: 1909
g2.gumgum.com — Cisco Umbrella Rank: 1363
7 KB
21 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
441 KB
20 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
5 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
19 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
grid.bidswitch.net — Cisco Umbrella Rank: 871
9 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
9 KB
16 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
7 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
secure.adnxs.com — Cisco Umbrella Rank: 414
32 KB
15 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
contextual.media.net — Cisco Umbrella Rank: 540
cs.media.net — Cisco Umbrella Rank: 1387
19 KB
13 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
8 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1615
public.servenobid.com — Cisco Umbrella Rank: 3320
8 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13555
u.openx.net — Cisco Umbrella Rank: 653
us-u.openx.net — Cisco Umbrella Rank: 411
jp-u.openx.net — Cisco Umbrella Rank: 10750
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15342
e3.adpushup.com — Cisco Umbrella Rank: 16692
campaign.adpushup.com — Cisco Umbrella Rank: 28877
237 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
eb2.3lift.com — Cisco Umbrella Rank: 335
5 KB
12 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18795
ads.as.criteo.com — Cisco Umbrella Rank: 14276
bidder.criteo.com — Cisco Umbrella Rank: 713
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15036
gum.criteo.com — Cisco Umbrella Rank: 394
dis.criteo.com — Cisco Umbrella Rank: 658
105 KB
12 bg3.co
www.bg3.co — Cisco Umbrella Rank: 97625
static.bg3.co
16 KB
11 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
cm.adform.net Failed
6 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
6 KB
10 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1751
ssbsync.smartadserver.com — Cisco Umbrella Rank: 761
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
3 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 522
5 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
5 KB
8 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 96946
2 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 29541
sync.aralego.com — Cisco Umbrella Rank: 2932
4 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
r.turn.com — Cisco Umbrella Rank: 3099
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 939
pixel.quantserve.com — Cisco Umbrella Rank: 666
cms.quantserve.com — Cisco Umbrella Rank: 639
11 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 711
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 409
815 B
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 567
570 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 10733
47 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
832 B
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 977
805 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
734 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
1 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 901
2 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
519 B
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
746 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com
1 KB
2 ctnsnet.com
ipac.ctnsnet.com
672 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1736
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2085
961 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
857 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
701 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
3 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 799
61 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
875 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1376
676 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4507
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 707
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 26752
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 898
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
2 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 4312
966 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
10 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
94 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 540760
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16405
10 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
464 B
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
174 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 848
501 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 629
396 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 5907
573 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24864
652 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1031
67 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1380
619 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1274
292 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 846
465 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
667 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
712 B
1 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
215 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1494
349 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 816
655 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 255
666 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2368
585 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4295
488 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 76847
305 B
1 adtrek.co
www.adtrek.co
399 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
155 KB
1 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9895
234 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
633 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3614
518 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
167 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1377
501 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
2 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1228
483 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4004
612 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 42463
704 B
1 ampproject.net
d-1132604523766099173.ampproject.net
0 pippio.com Failed
pippio.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
529 118
Domain Requested by
40 pagead2.googlesyndication.com www.bg3.co
pagead2.googlesyndication.com
cdn.ampproject.org
ads.aralego.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
www.googletagservices.com
38 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
28 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
27 onetag-sys.com 6 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
25 cs.minutemedia-prebid.com ads.pubmatic.com
cs-rtb.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
24 simage2.pubmatic.com 14 redirects onetag-sys.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
www.bg3.co
23 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
22 usersync.gumgum.com 1 redirects contextual.media.net
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
22 image8.pubmatic.com 19 redirects onetag-sys.com
www.bg3.co
21 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
18 x.bidswitch.net 16 redirects onetag-sys.com
17 match.adsrvr.org 16 redirects cdn.adpushup.com
14 pix.as.criteo.net ads.as.criteo.com
13 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
12 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ssbsync.smartadserver.com
eus.rubiconproject.com
g2.gumgum.com
ads.pubmatic.com
cs-rtb.minutemedia-prebid.com
11 c1.adform.net 10 redirects ads.pubmatic.com
11 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
11 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
11 static.bg3.co www.bg3.co
11 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
10 sync.1rx.io 10 redirects
10 s.amazon-adsystem.com 4 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
10 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
10 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 ib.adnxs.com 7 redirects cdn.adpushup.com
acdn.adnxs.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 ups.analytics.yahoo.com 7 redirects onetag-sys.com
9 adservice.google.com pagead2.googlesyndication.com
cdn.ampproject.org
securepubads.g.doubleclick.net
8 b1sync.zemanta.com 8 redirects
8 sync.mathtag.com 8 redirects
8 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
7 e3.adpushup.com www.bg3.co
6 sync-tm.everesttech.net 5 redirects g2.gumgum.com
5 us-u.openx.net 2 redirects u.openx.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 image2.pubmatic.com 3 redirects ads.pubmatic.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 pixel.tapad.com 3 redirects ads.pubmatic.com
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 secure.adnxs.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects ads.pubmatic.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 id.rlcdn.com 2 redirects onetag-sys.com
4 ad.turn.com 4 redirects
4 csm.as.criteo.net ads.as.criteo.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ad.360yield.com 3 redirects
3 odr.mookie1.com 3 redirects
3 bh.contextweb.com 3 redirects
3 csync.loopme.me 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 ap.lijit.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
www.bg3.co
3 rtb.mfadsrvr.com 3 redirects
3 stags.bluekai.com 3 redirects
3 pm.w55c.net 3 redirects
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 cms.quantserve.com 2 redirects 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 um.simpli.fi 3 redirects
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
www.bg3.co
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 id5-sync.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 pool.admedo.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 u.openx.net 1 redirects cdn.adpushup.com
2 rtb2-useast.e-volution.ai 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdnjs.cloudflare.com ads.as.criteo.com
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 htlb.casalemedia.com cdn.adpushup.com
2 ads.as.criteo.com googleads.g.doubleclick.net
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
2 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
2 www.googletagservices.com googleads.g.doubleclick.net
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 ads.playground.xyz 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ssc-cms.33across.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 sync.inmobi.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 aa.agkn.com 1 redirects
1 sync.adotmob.com 1 redirects
1 gu.dyntrk.com ssum-sec.casalemedia.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 sync.go.sonobi.com 1 redirects cs-rtb.minutemedia-prebid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 dsp.adkernel.com 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 r.turn.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 www.adtrek.co www.bg3.co
1 s0.2mdn.net www.bg3.co
1 http-intake.logs.datadoghq.com cdn.adpushup.com
1 rules.quantcount.com secure.quantserve.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
ads.pubmatic.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 trace.mediago.io 1 redirects
1 fksnk.com 1 redirects
1 sync.fout.jp 1 redirects
1 72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-1132604523766099173.ampproject.net cdn.ampproject.org
1 campaign.adpushup.com www.bg3.co
1 www.bg3.co
0 pippio.com Failed www.bg3.co
0 core.iprom.net Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 match.sharethrough.com Failed cs-rtb.minutemedia-prebid.com
0 cm.adform.net Failed cs-rtb.minutemedia-prebid.com
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
529 174

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-20 -
2023-03-18		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-21		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-26 -
2023-04-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.adtrek.co
Amazon		 2022-10-22 -
2023-11-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
gumgum.com
Amazon		 2022-10-04 -
2023-11-02		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dyntrk.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
cs.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 93 frames:

Primary Page: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Frame ID: 67B0542844C510A98CCE4553E21FE661
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 4D608857E303A2BD9A95A01EF03A0551
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8BA1B1FAEC616A4AFD7DFC98F81FE48D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: C9551D2C69C52723BAE086FDB35C8BDA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1671822654&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822652597&bpp=4&bdt=1263&idt=1498&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6213172602284&frm=20&pv=2&ga_vid=1356302602.1671822654&ga_sid=1671822654&ga_hid=1419883430&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44773745%2C44780792&oid=2&pvsid=3985648012972242&tmod=571796346&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1521
Frame ID: F96FCDE47BB667931513B70E1D596BCF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B6F9984DCC175DDACEE35D7064869CCC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 93056E428806697DFFA5704ABEE25B37
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: 4C797AE6DED85D81974CC7E1D6567B18
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Frame ID: F2A70365B77FE0A8B69FB22A933D0F39
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-30854241643210942237&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2694&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=99004651&ga_hid=1419883430&dt=1671822656185&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&bdt=4851&dtd=471&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 08A2EF114B716352BCB088B890C1B3C3
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 8E85AD834B5ADFC36F16CD1C2D9AF345
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E835FCBAC910C3FCFE893036B3950673
Requests: 9 HTTP requests in this frame

Frame: https://4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2D27FD9A64347EDEB2051A3A62DEE774
Requests: 1 HTTP requests in this frame

Frame: https://72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 15CD752D7842135EECE30BA097A0ACE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7972231CC728A560B96939E382C7518D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3E5091F3675BA50193E05CC5697093E
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: 49A2AE9B399E6F1D2016886941DDD99F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30ED4C3B28ACA4CF8EE14C5D92EDD667
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABA88B877C1717080543DD14075F3A31
Requests: 2 HTTP requests in this frame

Frame: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F81EA5FFFB2EACD6CBB4DC979AEA1811
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 87BD5BECB1C472E5EC1139C6FB7D27AC
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: E228CC19BA022C116E497CF5E29FE47F
Requests: 19 HTTP requests in this frame

Frame: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F81AB705F33076C23603F3CCC22931FA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822660423&bpp=3&bdt=595&idt=379&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=2410723168487&frm=8&ife=1&pv=2&ga_vid=459637066.1671822661&ga_sid=1671822661&ga_hid=356800596&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071220%2C44780792&oid=2&pvsid=2123180810527031&tmod=146163553&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.pxn7uwpqy68q&fsb=1&dtd=397
Frame ID: 793F5D1F25838F53C06565F14FBAE49B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822660426&bpp=2&bdt=597&idt=404&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2410723168487&frm=8&ife=1&pv=1&ga_vid=459637066.1671822661&ga_sid=1671822661&ga_hid=356800596&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071220%2C44780792&oid=2&pvsid=2123180810527031&tmod=146163553&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.m1m12fhrwgfx&fsb=1&dtd=409
Frame ID: C1C40926CA41D6A92C5655CB59D1A2CE
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 5CC304CCBC8446AC47EDB3A1CD595732
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6DB7CFBFB02447071442A6FECD1E3C1D
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F8E2FBAEC3D7A4878A95609805947A30
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5707C375C726EF9133714E85820B4E15
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3A7875829E71A207AE22FFFC21ECBF53
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1671822658605
Frame ID: 68C3AC79C39173844340BF7739698B05
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6C0203AD2CD15E5F1A85CB0FAA317E15
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9A3135969A960917C6ABCC76478CA4A0
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 8B5C05CF3B296C8AB4C0FFFABE396CD6
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 11AC933007CB13912EC4FE9A67DAB28B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B8487427E2612893C2ABE2D5F4A7505
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A67DCF81DC6E73BEBC318AAC44F70E7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63A0B18C8B0E9E26B07947479D9FC902
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81F387EA00010C556ACB2D511B65BFE1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18D06FA668D4DC7FE8A33CE626FAA1F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9ECE02D047413EFE641F3CBA96AB30D
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4E63803549627E71C9D4C4CB4B11E723
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 8183CC76EF0DF4531D564C9D96A482EF
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=rkt&refUrl=&vid=18226626033148242627443742000V10&ovsid=1978557980663158451
Frame ID: 681D0E8D0901AAB71B703EAF41F3DF61
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Frame ID: C97F5F3D0F661D88CFCB682FD1B65F03
Requests: 7 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 2ECC37135D512FE97BD0B0A9733E1032
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: E9CA4C686621C67C6E1EF21536EAE946
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 6F3B536EE00B704967845E105404DDEF
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: FE4B2C19DD99304B1A6AC9038EC5B1DB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 4CC91F6DE43294D8084FC849E6466444
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 0C959B7A14AED6A885019A5EC28889A2
Requests: 13 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 7394E00E8FD02AE7AFE04BFE2DDA4CCC
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5CA2F60813A9AAABC296B344B34326E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFFDA3AFF6D20243E3F5365CBCF2BCCC
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-085aL0wq_EV-syd-k1N1auOz2IvbFjp6rUb_HzGIrg
Frame ID: 1F6FBB516197A7D49C6DF85BD3024575
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: E687A09EE45E00E8DDBE95B3BF6711A8
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Frame ID: 375E801297772DC1DB0F4C594C3F468C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
Frame ID: B990CD4D56301122D75D2F0029B60622
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y6X9SAAGM04kzQAo
Frame ID: E06BEEF78873B1A45B9BA00FCBA1D942
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hNGJmYzU5Ni1jYmM5LTQ0ZDQtYTAwMS0yY2MxYWExODVhZTc=&gdpr=0&gdpr_consent=
Frame ID: 618D66FE3E86D2E05084279B8203858B
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: AFA09E56F4ECF438C467FF47DEE68F3F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y6X9SMCo5sAAAJ4DCekAAAAA
Frame ID: C958321313B6F232F163E13ADE9A5422
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: E2DE9600A3F78744704C637C580229A7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Frame ID: B67B9442D5C259E101A3311763E7BDFB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=8GuG0PZ8zNiyHWmR7h00&pi=gumgum&tc=1
Frame ID: 758242DF5AD3F44A120E9B44C81EED39
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 08C3A55CD4445526AF330E7CF4EC4601
Requests: 3 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: 8A0AE38B0A462340FAFEA0B3F1F4D217
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: C4819F54B92E3181BA7400671EED804D
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: D598F001815FB5568F7A3FCA90FB087E
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: 71980019A622A2EEC8A91FF6982C7702
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: 39060C86C3C118E5C584D24F08BD684B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: D6B848D4281384D9F26F5E6F3C6841D5
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 29BE900CC3AA71BB82B55EBD1541F595
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=
Frame ID: E11CE3940C55A5A0543453F1EB3FAF2A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw
Frame ID: B8646872A8FDBFF74CF63C79FA78F9F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5A332E42C40A733F44DB70FA6891F1DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KmLlWTCDS9lUyWUEtiRzN3RaSsU
Frame ID: A1CA3E3A6E039F47217435A8F5DD5509
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: FFC3B106724EBF8E422B84D721E0058C
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/2/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: 96471A601AAE9D2E5A863BA14F8EA3AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bk55uvAO1P8NrF5&gdpr=0&gdpr_consent=
Frame ID: 1CEF701C794500D4B75FC9721E2DE9F8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F8BDDAC1FBE7FBCF38BCF4514ADD3081
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f512bd2366fb4bfbb8909b18acbafc3a
Frame ID: 090A217E7B861283BC571BA98BE4F445
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: AC83BFC5992F576CB4DFE72039F01DA9
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Frame ID: 6C6C0D08BE1BB197DEA1D01EB6D4CCCD
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 31750DF5872119D081C34ACC77D26B79
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DDD3AD4330536A6ACE751D4CD1BB5FDD
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EBC70891C01D11511645C26FA55CFAF7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 640F4E4316FC549D53D2FE4F2332E4F3
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 97063256EE6F71CBC8564426D60E89DB
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1A1BD90C4D8E37EE1E80421E062E2C95
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&gdpr=0&gdpr_consent=
Frame ID: 7A8CC882115EF70416F3B88F6A546004
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=pba&refUrl=&vid=18226626033148242627443742000V10&ovsid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: 527F9F8D5E2279A22099FDBDEF62C841
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Frame ID: D5959328AB89A0B6D3AA08709496B7CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

農委會撲滅羊痘!明年元旦起全國停打疫苗「10月聲明非疫國」 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

529
Requests

70 %
HTTPS

0 %
IPv6

118
Domains

174
Subdomains

102
IPs

13
Countries

3682 kB
Transfer

9520 kB
Size

214
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822655&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822653977&bpp=12&bdt=822&idt=1986&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=2&ga_vid=1897484311.1671822656&ga_sid=1671822656&ga_hid=822913942&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3808869533&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44780792&oid=2&pvsid=4264461977351164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mja6uzjag27i&fsb=1&dtd=2003 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 94
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGKe8QBAARGjxpT_PcfnAsI&google_cver=1&google_push=AavPq0PIjfrwXEl1sYmYY7rMyw--Z3wDbRZnwHplgCLHxbtCewb9WrmTYL4OTuIzXSCjnXMafkbXReXDCABvyj6oRVKqUqz7eLHsvuhRWmWhcK44FBFotPCrCb_gqP0Up9_y1ZDmTEAzqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PIjfrwXEl1sYmYY7rMyw--Z3wDbRZnwHplgCLHxbtCewb9WrmTYL4OTuIzXSCjnXMafkbXReXDCABvyj6oRVKqUqz7eLHsvuhRWmWhcK44FBFotPCrCb_gqP0Up9_y1ZDmTEAzqw
Request Chain 95
  • https://um.simpli.fi/gp_match?google_gid=CAESEJhKZ8dTMA2WRALlwkjHN0E&google_cver=1&google_push=AavPq0PB1a81agHfsbw4wjgmwuBEvu8AiFIuTRwVm009-0HlLeKhO4ybZTfXIM5SuYoc5n66tSPaHiE3a4qxXLaYE2q8qtJGQa645B4-CUjt5_avYeJPjk0NkBgyg6FSvXjgWIinqJ182JU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&google_push=AavPq0PB1a81agHfsbw4wjgmwuBEvu8AiFIuTRwVm009-0HlLeKhO4ybZTfXIM5SuYoc5n66tSPaHiE3a4qxXLaYE2q8qtJGQa645B4-CUjt5_avYeJPjk0NkBgyg6FSvXjgWIinqJ182JU
Request Chain 96
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESELKB7xuvNP8VQYA_bXXBpl8&google_cver=1&google_push=AavPq0P7Q2AnnAHgpvJ0TtBvENuhNOiwhEhtSu6zSIcZdoTxQESWKsEd-AJk53kzLOLFcqJBUGk3-AT0jBa3j3EyKy3IiwBZ17s1kogtfvVg92qToCFmPEvIAb_FjE_ISITOMEpleqZKczA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0P7Q2AnnAHgpvJ0TtBvENuhNOiwhEhtSu6zSIcZdoTxQESWKsEd-AJk53kzLOLFcqJBUGk3-AT0jBa3j3EyKy3IiwBZ17s1kogtfvVg92qToCFmPEvIAb_FjE_ISITOMEpleqZKczA&google_hm=dHlldm9tZk1US0EzZElHdzExUzJITXI1b3JB&from_google=pc1
Request Chain 97
  • https://fksnk.com/cs/google?google_gid=CAESEOh38hRV6WswN_WIL0eWEpA&google_cver=1&google_push=AavPq0P0Qf6DDDv3MjDOZ5VyyYuRNtSUJIXWpTdIoEsdLn6vcwmLhjl7EOMSt-fNBo55-ULQVKhh_ENI4gto8JVo47sW3pK8BJooYv37cHhA9r-MceG2NDBVpep17Exw9QkkqWA7whuFSUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTNDOEE4MjVDNDE0OUNERg==
Request Chain 98
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPL7Ar6sCIN6GqMnbt0dZ4A&google_cver=1&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMBMesK6nEFCUVCNrO_2EBMFvsSVG-mcyj2o15lU5DYO_aOeIpM2QODwv-nh3eyIWnKKHHZcY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPL7Ar6sCIN6GqMnbt0dZ4A&google_cver=1&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMBMesK6nEFCUVCNrO_2EBMFvsSVG-mcyj2o15lU5DYO_aOeIpM2QODwv-nh3eyIWnKKHHZcY&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GVEZNMDJoRTJ1R3c0U2VFZ3RUY0VTWVl3TG1YMmZ0Un5B&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMBMesK6nEFCUVCNrO_2EBMFvsSVG-mcyj2o15lU5DYO_aOeIpM2QODwv-nh3eyIWnKKHHZcY
Request Chain 99
  • https://trace.mediago.io/cs/google?google_gid=CAESEOrZ1tAxWeBVTuCojp_rus4&google_cver=1&google_push=AavPq0PEghDfyQiiBwCJ-DQjMmNMdhZhetpuqabl028UI0CmJcNQCsBi5UWiVIJfXt4qcuq_pMTTuKYz5ZhxxwgTnPTJojgoEafrJruddEfBdgE-5OHMY--Q-PUkIAHb0FtPkgyCtYr6J3o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0PEghDfyQiiBwCJ-DQjMmNMdhZhetpuqabl028UI0CmJcNQCsBi5UWiVIJfXt4qcuq_pMTTuKYz5ZhxxwgTnPTJojgoEafrJruddEfBdgE-5OHMY--Q-PUkIAHb0FtPkgyCtYr6J3o&google_hm=e724d9554197a8d1b5eb245147e24ca0
Request Chain 100
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDB30zsdKC0GFCLnPY2p9O0&google_cver=1&google_push=AavPq0O85EXpQvYlU8vJHhQ8hHGZS4lg73Cou9WxI7C9xwFk3uLWyhC5rQoi0LfAphmDI3CM6-KRYWm7kzZDF6ueeSJXR02C1cv9e7-9relSlryW19F-gIMtEvLYTvkgCy6UpDo3eSfdAyzy HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDB30zsdKC0GFCLnPY2p9O0&google_cver=1&google_push=AavPq0O85EXpQvYlU8vJHhQ8hHGZS4lg73Cou9WxI7C9xwFk3uLWyhC5rQoi0LfAphmDI3CM6-KRYWm7kzZDF6ueeSJXR02C1cv9e7-9relSlryW19F-gIMtEvLYTvkgCy6UpDo3eSfdAyzy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&%%GOOGLE_PUSH_PAIR%%
Request Chain 153
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822658134&bpp=13&bdt=302&idt=414&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=2410723168487&frm=8&ife=1&pv=2&ga_vid=1640136165.1671822659&ga_sid=1671822659&ga_hid=2044899946&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779794%2C44773746%2C44780792%2C31071010&oid=2&pvsid=3319466712055294&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rptfoix7qgl3&fsb=1&dtd=432 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 222
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 224
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBUIWvqP7pZolI-_l5rJWD4&google_cver=1&google_push=AavPq0MjcIiMnxkVGdqsCawNxPccV4uD8EmaBDBWMRu8Zk3_G63kr8qFy6Zd97ZCvTcJddM0UHKdPR6GMwH-hDqwUwVc75rZj4lj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ4NTI0OTAxNjgzMDE3OTQ0Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUIWvqP7pZolI-_l5rJWD4&google_cver=1
Request Chain 226
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJA6RhTQKGNq7BnswZnFvCA&google_cver=1&google_push=AavPq0MA1t5iR1GdKeXxPCgKSIv8_7HpwMaY2KoF2SjvAQAanbnrCZD_SijI4Nj3ZE3GOg_HegyG6nyvHrA0yyuaOzvfR_Szrk0Hhw HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJA6RhTQKGNq7BnswZnFvCA&google_cver=1&google_push=AavPq0MA1t5iR1GdKeXxPCgKSIv8_7HpwMaY2KoF2SjvAQAanbnrCZD_SijI4Nj3ZE3GOg_HegyG6nyvHrA0yyuaOzvfR_Szrk0Hhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTdkNjM4OGMtY2Q5Yy00ZjljLTk3MzItODA0Y2M1ODgyZTIx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Request Chain 227
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEAEbrwtYdQTzvmOf498-K0Q&google_cver=1&google_push=AavPq0OZYjKZnLGVin1syBm7u1gOo3n0SLFfmuibNo5kaRLwT1rBZsMk2BEzRlVwZ_xg2ybZYGAe5cWIX13533pV7pxokWKxWxoeMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0OZYjKZnLGVin1syBm7u1gOo3n0SLFfmuibNo5kaRLwT1rBZsMk2BEzRlVwZ_xg2ybZYGAe5cWIX13533pV7pxokWKxWxoeMg
Request Chain 228
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ7AEqGtZZ91i1n9OeKJJuM&google_cver=1&google_push=AavPq0P3Uhg76qnKcM8mCMJhY-MZ4_yN6E-NYbHLY4GZTbdTGma8FN5df4L4bKKnO-NFuRY_d50Cy2iShas7mYsZ3n0hFvlrmvGR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P3Uhg76qnKcM8mCMJhY-MZ4_yN6E-NYbHLY4GZTbdTGma8FN5df4L4bKKnO-NFuRY_d50Cy2iShas7mYsZ3n0hFvlrmvGR&google_hm=eS1xb1ExOUYxRTJwR0NweDNwdFpvMkxHX3JxdGR5Lm9IM35B
Request Chain 229
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESED86yME5O7iazww1Oif_hX8&google_cver=1&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6JoeZQ7b1AtZtwo80 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESED86yME5O7iazww1Oif_hX8&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6JoeZQ7b1AtZtwo80&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6JoeZQ7b1AtZtwo80&google_hm=YUFUM0dTSExoN1BTUnl0b3JKdks=
Request Chain 230
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEB9nXDp8_FMK2pGSZbr9GdI&google_cver=1&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5FiCp6JUerLklHrtT6Qxvdho HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEB9nXDp8_FMK2pGSZbr9GdI%26google_cver%3D1%26google_push%3DAavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5FiCp6JUerLklHrtT6Qxvdho HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6543217025203167527&exchange=193&google_gid=CAESEB9nXDp8_FMK2pGSZbr9GdI&google_cver=1&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5FiCp6JUerLklHrtT6Qxvdho HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1NDMyMTcwMjUyMDMxNjc1Mjc&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5FiCp6JUerLklHrtT6Qxvdho
Request Chain 269
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 271
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://match.adsrvr.org/track/cmf/openx?oxid=c7deb08e-700a-759d-faad-f67a8ec61900&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=c7deb08e-700a-759d-faad-f67a8ec61900&gdpr=0&gdpr_consent=
Request Chain 273
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y6X9RsCo5sAAAJ4DCb0AAAAA
Request Chain 274
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATB5jcBa0MHxks8ADzHosMBdKc8AAAGFQGVeug
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvH63tTOrW8OjHCerc41lI&google_cver=1
Request Chain 283
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 284
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
Request Chain 286
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
Request Chain 288
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBk1Pu7_L0OXbGY2Aumsor7vuPxTFo_bg
Request Chain 290
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMb6l50GEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 291
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
Request Chain 295
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
Request Chain 307
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 308
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Drkt%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=rkt&refUrl=&vid=18226626033148242627443742000V10&ovsid=1978557980663158451
Request Chain 310
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dapx%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=apx&refUrl=&vid=18226626033148242627443742000V10&ovsid=1466969437089447570
Request Chain 311
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dopx%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=opx&refUrl=&vid=18226626033148242627443742000V10&ovsid=0ff2d911-db0a-4f7d-99e2-88143c298bdc
Request Chain 312
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dmma%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=mma&refUrl=&vid=18226626033148242627443742000V10&ovsid=497863a5-fd41-4500-a891-91e4314bf8e0
Request Chain 313
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D%5BRX_UUID%5D&cb=1671822663509 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=409079048 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e7d6388c-cd9c-4f9c-9732-804cc5882e21 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE0ODI0MjYyNzQ0Mzc0MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBGzi_eHpXOpBrMtHBtFExo&google_cver=1
Request Chain 315
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=dxu&refUrl=&vid=18226626033148242627443742000V10&ovsid=bk55uvAO1P8NrF5
Request Chain 316
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=151452e9-6d70-4058-8792-5838814346d4
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3D3d0d4d83-71f7-4b3e-a84e-1433524b13d9%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=01deffd0c283413da658a3bd239f87b8&ssp=medianet&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 318
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dzem%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=aAT3GSHLh7PSRytorJvK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBIFKDGR2TJBGGQN2QKNJHS5DPOJFHMSZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTQMRSGY3DENRQGMZTCNBYGI2DENRSG42DIMZXGQZDAMBQKYYTAJTWONUWIPJTGE2DQMRUGI3DENZUGQZTONBSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBIFKDGR2TJBGGQN2QKNJHS5DPOJFHMSZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTQMRSGY3DENRQGMZTCNBYGI2DENRSG42DIMZXGQZDAMBQKYYTAJTWONUWIPJTGE2DQMRUGI3DENZUGQZTONBSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=aAT3GSHLh7PSRytorJvK&refUrl=&type=zem&vid=18226626033148242627443742000V10&vsid=3148242627443742000V10
Request Chain 319
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3148242627443742000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3148242627443742000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff&cs=1
Request Chain 320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Request Chain 321
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&dongle=0cfd
Request Chain 322
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjAxOTkxNzMyNzQ0ODQyNzMzNzM%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBwoa373qBOvudL6E11BhWU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 324
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjAxOTkxNzMyNzQ0ODQyNzMzNzM%3D
Request Chain 325
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=60199173274484273373&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=60199173274484273373&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=60199173274484273373&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4902551777188804151&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 327
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/60199173274484273373?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ChsU6V5E2oS5vaGAODgLPOH43E84N11BU4uEqp0tmA--~A&dongle=0883
Request Chain 328
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=60199173274484273373 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=60199173274484273373&dcc=t
Request Chain 330
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1466969437089447570&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 335
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3rWTgagwt-60zli1sHuNRQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aM2vBSxE2oJFjJHItPanvIJx_DNzYv3eNezBJA--~A
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENHyuLbn2ZJCg3jyFelGP5w&google_cver=1
Request Chain 337
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2IAl38KuQAyXRI1A5FUuTg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2IAl38KuQAyXRI1A5FUuTg
Request Chain 338
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AZENas7ARKagNkJJG3TSvg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AZENas7ARKagNkJJG3TSvg
Request Chain 339
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC0W1N2T-Y-994A
Request Chain 340
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=&expires=30
Request Chain 341
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwVzFOMlQtWS05OTRB
Request Chain 342
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1MTFhOTU1MTdlYWNiNjMwOGUyMjgxNmY2NjE5YjdlZDg3YmY2OA
Request Chain 347
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 350
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1466969437089447570
Request Chain 351
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
Request Chain 352
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
Request Chain 353
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1671822663509 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=248945958 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e7d6388c-cd9c-4f9c-9732-804cc5882e21 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Request Chain 354
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1975180290470519937
Request Chain 355
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=ae25df34-c4a0-496f-812f-38ebd6e56f79
Request Chain 356
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29046%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQQASIEMVlOLSrtAWh0dHBzOi8vcHJlYmlkLmEtbW8ubmV0L2NjaGFpbi8wLzI5MDQ2P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTdmMmUzOWQ4LWZmNWMtNDdlNS05ZDMyLTQ5MmM2YTQwYTA0NSZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLWQwNDhlM2U0LWY3MjYtMzI0Yy1iNGU3LWNhZDgyNDdhYTI5ZDIBGjgB
Request Chain 357
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
Request Chain 358
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQyAhoGOAE=
Request Chain 359
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
Request Chain 361
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&dcc=t
Request Chain 362
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&expiration=1674414663&gdpr=0&gdpr_consent=
Request Chain 363
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6X9Rn0Afu4XBxBh04GXqQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpq5QY77XBhsVpyMTI1hik&google_cver=1
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
Request Chain 365
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=aAT3GSHLh7PSRytorJvK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2YKBKQZUOU2IJRUDOUCTKJ4XI33SJJ3EW HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2YKBKQZUOU2IJRUDOUCTKJ4XI33SJJ3EW HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=aAT3GSHLh7PSRytorJvK
Request Chain 366
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxlk7HS_sAACDXnwqAiw&expiration=1673032264
Request Chain 367
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6X9SAAGMqokywAo HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6X9SAAGMqokywAo&_test=Y6X9SAAGMqokywAo
Request Chain 368
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7c27c712-fc9f-3033-76c25c46
Request Chain 373
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1466969437089447570
Request Chain 375
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8485249016830179443
Request Chain 376
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
Request Chain 377
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7a2ae2e5-fbc4-4cd8-8a60-8f366bdbb277&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
Request Chain 379
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6X9Rn0Afu4XBxBh04GXqQAA%264759?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Request Chain 382
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlX8dTQo4Qsyhj8rX5ypPi6sek3NEtKQ
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
Request Chain 385
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
Request Chain 386
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LC0W1N2T-Y-994A&gdpr=0
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1466969437089447570
Request Chain 389
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3674039149954260899
Request Chain 390
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Request Chain 391
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3d0d4d83-71f7-4b3e-a84e-1433524b13d9 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3d0d4d83-71f7-4b3e-a84e-1433524b13d9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2d75b6c6-4cd2-4071-b3af-4e4f3f402a50&user_group=1&ssp=pubmatic&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
Request Chain 393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
Request Chain 394
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=xGPsz5Q0uc_fZeuckTagwpNiu5vfYb7IkzNnln_t HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 402
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=9267177e-2359-4d50-a165-d21d174e4105&gdpr_consent=null&gdpr=0
Request Chain 403
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08862204195d2cb57cc7ebdb&gdpr=0&gdpr_consent=
Request Chain 404
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=PLOBkCGJjS3y&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 405
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=08875dea-95db-4aa3-a9ab-8bfe2fe05575&gdpr=0&gdpr_consent=
Request Chain 407
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LC0W1N2T-Y-994A HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LC0W1N2T-Y-994A
Request Chain 408
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LC0W1N2T-Y-994A HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LC0W1N2T-Y-994A
Request Chain 409
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1466969437089447570
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524912331894634775&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3&ssp=gumgum2&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524912331894634775&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209760804374005613698&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524912331894634775&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
Request Chain 411
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2a62e559-3083-4bd9-54c9-6504b6247337$ip$116.90.74.197
Request Chain 412
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=aAT3GSHLh7PSRytorJvK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKBKQZUOU2IJRUDOUCTKJ4XI33SJJ3EWJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKBKQZUOU2IJRUDOUCTKJ4XI33SJJ3EWJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAT3GSHLh7PSRytorJvK&us_privacy=1---
Request Chain 413
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5346833462 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e7d6388c-cd9c-4f9c-9732-804cc5882e21 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Request Chain 414
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=XAv1EWZXnW7f&ev=1&pid=558355
Request Chain 415
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&obuid=ENC(hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DhZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DhZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=b646f6bb-86ce-4c5d-8d09-9c552fe616cf-63a5fd4a-4e5a&obUid=hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 416
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=30e314fe-581f-4dcb-9dd6-e69746961846
Request Chain 417
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Sq4t5jJE2pfEwHz8sptCGRT9KGD4ptYTMX8N~A
Request Chain 418
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=d701e5f6-6718-45b4-85cf-c24bb18992fd
Request Chain 421
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=7376c891-576b-49c1-ba46-77a25cd71e32
Request Chain 422
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3154994645745196841
Request Chain 424
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-085aL0wq_EV-syd-k1N1auOz2IvbFjp6rUb_HzGIrg
Request Chain 426
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Request Chain 427
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
Request Chain 428
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y6X9SAAGM04kzQAo
Request Chain 431
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y6X9SMCo5sAAAJ4DCekAAAAA
Request Chain 433
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Request Chain 434
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=8GuG0PZ8zNiyHWmR7h00&pi=gumgum&tc=1
Request Chain 435
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 438
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6X9SAAGL5onIwAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6X9SAAGL5onIwAo&gdpr=0&gdpr_consent=&_test=Y6X9SAAGL5onIwAo HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 440
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yarx6wlg0ae HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 441
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1466969437089447570&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rNXNJq5fTYagj33cMrhdLg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 444
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3%2C
Request Chain 445
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=&ct=y
Request Chain 446
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUNENUNEMjYtQUU1Ri00RDg2LUEwOEYtN0REQzMyQjg1RDJF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFcue8fm2HlfBw_h5XNd6xg&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 449
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 451
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 452
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KXcx5xVE2uXV67AaAggocJJqVxh6.jI-~A&gdpr=0&gdpr_consent=
Request Chain 453
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=7376c891-576b-49c1-ba46-77a25cd71e32
Request Chain 454
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2dffdbac-baa2-4c1e-a81c-e709eee665da&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 456
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=F3ZfCLZH7pfFOzTDQjOuGxL1
Request Chain 457
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=2VyLuRDujHeg&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 458
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=5e87528a-0f98-4ac9-8235-ef8dcec593e5
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A&gdpr=0&gdpr_consent=
Request Chain 460
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=175b6d2f-eee4-5465-8828-3738eb8dca71
Request Chain 461
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004&rndcb=8969712032 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&google_hm=M2QwZDRkODMtNzFmNy00YjNlLWE4NGUtMTQzMzUyNGIxM2Q5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBL1XDO5PJ4C1AsVytYzQU0&google_cver=1&ssp=adconductor&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3d0d4d83-71f7-4b3e-a84e-1433524b13d9?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Request Chain 462
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=aed2cc87-03cb-4d85-88dd-60622c503e94
Request Chain 463
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7bdff88a46edbfb7644&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524912331894634775&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dminutemedia%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3&ssp=minutemedia&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524912331894634775&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209760804374005613749&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524912331894634775&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
Request Chain 466
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212062442102972
Request Chain 467
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/0/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=triplelift&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=60199173274484273373 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=1466969437089447570 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F30548%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3DACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E HTTP 302
  • https://prebid.a-mo.net/cchain/2/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Request Chain 468
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff
Request Chain 469
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Request Chain 470
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=60199173274484273373
Request Chain 471
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQyAgYaOAE=%26buyeruid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F25535%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFrTURRNFpUTmxOQzFtTnpJMkxUTXlOR010WWpSbE55MWpZV1E0TWpRM1lXRXlPV1FRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMxa01EUTRaVE5sTkMxbU56STJMVE15TkdNdFlqUmxOeTFqWVdRNE1qUTNZV0V5T1dReUFnWWFPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 473
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=1466969437089447570
Request Chain 474
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=3154994645745196841&gdpr=0&gdpr_consent=
Request Chain 478
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 480
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LC0W1N2T-Y-994A HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LC0W1N2T-Y-994A
Request Chain 482
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlZZT_GTkA8sWZK7ugmA1huW3T2zA37A
Request Chain 484
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EF2B9BwoSqcm308TdJogu1RB9wlyds43lQR7y0L29aY
Request Chain 486
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
Request Chain 488
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
Request Chain 493
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
Request Chain 499
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LC0W1N2T-Y-994A HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LC0W1N2T-Y-994A
Request Chain 506
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw
Request Chain 507
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 508
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KmLlWTCDS9lUyWUEtiRzN3RaSsU
Request Chain 510
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Bqu8dth2AP2XvpsCS_2lYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3DACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E HTTP 302
  • https://prebid.a-mo.net/cchain/2/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Request Chain 511
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bk55uvAO1P8NrF5&gdpr=0&gdpr_consent=
Request Chain 513
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f512bd2366fb4bfbb8909b18acbafc3a
Request Chain 515
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004&rndcb=6577379227 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2dffdbac-baa2-4c1e-a81c-e709eee665da&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3d0d4d83-71f7-4b3e-a84e-1433524b13d9?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Request Chain 519
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 520
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 522
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&gdpr=0&gdpr_consent=
Request Chain 524
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=497863a5-fd41-4500-a891-91e4314bf8e0
Request Chain 525
  • https://idsync.rlcdn.com/420486.gif?partner_uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f10b2582248b45e03c31a98b56485cf9034de10b9cf7ecd9d4c1162c859b7e12791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmMTBiMjU4MjI0OGI0NWUwM2MzMWE5OGI1NjQ4NWNmOTAzNGRlMTBiOWNmN2VjZDlkNGMxMTYyYzg1OWI3ZTEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIy_qXnQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmMTBiMjU4MjI0OGI0NWUwM2MzMWE5OGI1NjQ4NWNmOTAzNGRlMTBiOWNmN2VjZDlkNGMxMTYyYzg1OWI3ZTEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIy_qXnQYSBAgCEABCAEoA&google_gid=CAESEIkfl36ishIkA0qe8PPGToY&google_cver=1
Request Chain 526
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 527
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d79b112e7432049&is_secure=true&networkId=17100&version=1&nuid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALeFeXbSAzjgMEgYwfAAAAAAA&expiration=1671909067&nuid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 528
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1466969437089447570

529 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
www.bg3.co/a/ 		54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
91199cb5793fd5ef3d27ece0eee46c7966cc41d4dc997ea81918db1948876306

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Dec 2022 19:10:50 GMT
ETag
"d60d-SQfFjb+1T+HGdJCYtt2MJIE9Uyg"
Expires
Fri, 23 Dec 2022 20:10:50 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
889c8dd97d82a778b37300d54b338cd093040b2aacc208df8b2c4f5896bde98e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 19:10:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72681
x-xss-protection
0
server
sffe
etag
"0f8f5d9d8c9a8fd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Dec 2022 19:10:52 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
74a728f3606e8e792cd0959126c33a0d15aa2c047e20efc083aecf408ee16fce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 19:10:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9654
x-xss-protection
0
server
sffe
etag
"4b66d6f91d1262b7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Dec 2022 19:10:52 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
7b803ad1dd4b7e46b45dfa6f3cdf42053ae31b0ca7e1ed7cc71ed2d098324ebd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 19:10:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"68f3175abba6e2b9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Dec 2022 19:10:52 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
321b3e630cd5162192ca9753f956dda11f61aba3f45c8265d4604e41257c60a7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 19:10:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"a9a002bfa741eb92"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Dec 2022 19:10:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
2745b54787779a3105c5cf942f1d59297b7b311c1ff82fc7cd111aadbdf2204c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49435
x-xss-protection
0
server
cafe
etag
6973768664740490203
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:52 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:52 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 06:32:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a2a866-b1a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKAtAODXiydp84cCYApEp4KAL%2FVLEet9N8IP%2B4IjYfCBEwwWu6GP2wToeym52WDOxF9w%2BS7m1TAPRe%2F4C%2FMZbfObzpmeZ1%2FD2m7hmCj7Z9C4j0pW4%2BsD9K6LC7ZKmld1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77e3665c2ceca895-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45472

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:52 GMT
content-encoding
br
last-modified
Fri, 23 Dec 2022 08:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
NZ
content-length
9215
expires
Fri, 23 Dec 2022 20:10:52 GMT
adpushup.js
cdn.adpushup.com/42753/ 		524 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
04d04f0a5ea44e5c6e9a2be97dd68c1197349ba9f73e95333d6928a3818eb1f4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:52 GMT
content-encoding
br
last-modified
Thu, 22 Dec 2022 12:04:02 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
116557
expires
Fri, 23 Dec 2022 20:10:52 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e467e4cdae1c8061b60e972cba2cf4c0e025ad75057d069e91bc8b820e0d629a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119966
x-xss-protection
0
server
cafe
etag
3877669572924599173
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 4D60 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
31524
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 10:25:29 GMT
etag
10353107486223812946
expires
Fri, 06 Jan 2023 10:25:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:53 GMT
content-encoding
gzip
x-sp-metadata
HS256.CM2WmJ0GEogBCiRmN2FlMzFiNC1iYjA2LTRhM2YtYTc5Yi03YjNhOWQyZThjNjgQ+OiCoKvU+wIaBgi9+pedBiINMTE2LjkwLjc0LjE5Nyi+qwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGY3OGZkYmIzLTliNTItNDU3Ny05NTQ3LWNkMDQ4NDlkMmIxNRi46QEiGAgCEhRjZHMyMTAubGEzLmh3Y2RuLm5ldA==.A1CSmB5OSc0rC+gPtPeaabUUcx7fmgdq2Vn+gltth9A=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1671822653.dop025.la3.t,1671822653.cds240.la3.hn,1671822653.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
f38fed24d8cb62329c5de097b087556f.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f38fed24d8cb62329c5de097b087556f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f11c028c8ff4c4e6234da3ab44f0efec.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f11c028c8ff4c4e6234da3ab44f0efec.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e61fd45b784e0fa534e40e19e583b996.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e61fd45b784e0fa534e40e19e583b996.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9811fbfd462526f28448d6c0de16f2a7.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9811fbfd462526f28448d6c0de16f2a7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a193d22565cc19c48a0403096e901146.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a193d22565cc19c48a0403096e901146.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
64b07107d18317ea036e441884e8a233.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/64b07107d18317ea036e441884e8a233.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ea11d3d7a834076444253a1c5006cddf.jpg
static.bg3.co/imgs/202112/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/ea11d3d7a834076444253a1c5006cddf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ff5ac374ecd3889ae6c1b4b0c85d7f73.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ff5ac374ecd3889ae6c1b4b0c85d7f73.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e556a3c15923502b84e502da665d177b.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e556a3c15923502b84e502da665d177b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
65a7bf5eb76453fb000c612f7f7b4ed0.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/65a7bf5eb76453fb000c612f7f7b4ed0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
508ebf13066b268877bd03893440b5bf.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/508ebf13066b268877bd03893440b5bf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d890adb2cee66d5527d37756a7c31451767903ffcc0f7063cb923043db885c25
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 00:32:48 GMT
age
239887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
server
sffe
etag
"2822a89a04832126"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 00:32:48 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
37f6ae60595a0d47a07f29de8025c7f9023ede6b23230df0af72a9698c7ca849
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 00:32:48 GMT
age
239887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23078
x-xss-protection
0
server
sffe
etag
"e8aa1933667594a4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 00:32:48 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
277538eb2369d9d6d75a947bd6ed5b16e38cab9056dd4cb1cdd9827e6f5841bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
481
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
17ad2ba9644dc2e2245219e384abf35638308374aad83151d64b9af2cd0d7e7d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 00:32:48 GMT
age
239887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3930
x-xss-protection
0
server
sffe
etag
"e11794ea739ab772"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 00:32:48 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2800
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WduB9BOu8KVPJ8ZI9nphZpJdlvHiAcp0ZmdQRv9NgdEOp9%2BxyXuX5tWfcflCiRFDYNTQB5Dv1wSfvC4qUiy9Pg8bI51FZ%2BhGJHXcAIBvQrFRNEGBpPdFLQ7t9EslpQslxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
77e3665f8830aadd-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:10:54 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:10:54 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8046070002701913&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:10:53 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9855601424426552&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:10:53 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:55 GMT
content-encoding
gzip
x-sp-metadata
HS256.CM+WmJ0GEogBCiQ5NzE1MzQ1Yy0zYjczLTQzYzUtYjRjMi1iMWI3ZWZjYjMzMWMQ+OiCoKvU+wIaBgi/+pedBiINMTE2LjkwLjc0LjE5Nyi+qwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDFmZGIzMzY4LWQzODktNGEyMC05NDFiLWNkNGZhZDY3Mjg3NBib8QEiGAgCEhRjZHMyNjcubGEzLmh3Y2RuLm5ldA==.427r2cxVXr0pDOMX0XZVJiVHdHva6aKBg+uvh95oruQ=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1671822655.dop025.la3.t,1671822655.cds240.la3.hn,1671822655.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
87e708d4895549290624cdda1268bba48ae78ab289a955f39b2adf8d54fdf5fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 00:32:48 GMT
age
239887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10271
x-xss-protection
0
server
sffe
etag
"07afe8ec7a5b890f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 00:32:48 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8BA1 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
39285f03b342bdea0176e85d768cda56fd729b662eb6dd7434aaaa7db0e8e39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34141
x-xss-protection
0
server
cafe
etag
9790467149667160671
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:53 GMT
gtag.json
cdn.ampproject.org/rtv/012211302304002/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 00:32:50 GMT
age
239884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"57cb31050eaf5482"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 00:32:50 GMT
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1671822653947
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:55 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Fri, 23 Dec 2022 20:10:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 8BA1 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
67ad5d1cae6d7b82fe6ba4008533dd6cf753d57af7cfc5d2a0aae08de058756d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119955
x-xss-protection
0
server
cafe
etag
3328174732651894141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:55 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C955 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
4502750abe083fa7a911d75e5a6f83a199469c0438786bb2abd951e758561a3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34145
x-xss-protection
0
server
cafe
etag
8104860165656700927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-5961800537962381&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
ae441eebc6e80ecb695ca7331009b72a5e0970d9a25e21e5cd5f075eb8d9bec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F96F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1671822654&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822652597&bpp=4&bdt=1263&idt=1498&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6213172602284&frm=20&pv=2&ga_vid=1356302602.1671822654&ga_sid=1671822654&ga_hid=1419883430&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219%2C44773745%2C44780792&oid=2&pvsid=3985648012972242&tmod=571796346&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1521
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
1b4d3e92c5cace200914094bd198f6dd1459847aeecd1f78407736385f171590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
3980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:54 GMT
expires
Fri, 23 Dec 2022 19:10:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B6F9 		714 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2861
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
77e366655cbbaadd-SYD
content-encoding
br
content-type
text/html
date
Fri, 23 Dec 2022 19:10:54 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5v2xwFL%2B5BflW9T8dx4ruw%2BuBMLtrrbq9%2F7Rvd8w0%2BBv6F57SedIkCJDjaJFlV44BAHsDHOcQpEexBgWb%2Beff%2BJnLfVQhcrxZinBQvgNX5uq%2Fh2Qe%2Bm5kND%2F8IiG2kztw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:10:55 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 9305 		714 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2861
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
77e366656cc3aadd-SYD
content-encoding
br
content-type
text/html
date
Fri, 23 Dec 2022 19:10:54 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qNNlsUzCrrE898LaKmaQ0pgGbM07pHhnynj0RlqQTo0XYdYAGi7U60LAViUvAMGD0KgWHtTaaeXM8GdldrK5iDtwI3eRTq8aTHRRJGJRS0fTRai8qlAkoW4Ysx44449yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame C955 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
1b05cef9b2e3cbb81e8b3c1fa19d6dcf4b7c88efd93ba552328e55679b7710b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119955
x-xss-protection
0
server
cafe
etag
2513955429781623070
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B6F9 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1429 / 884 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Dec 2022 19:10:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9305 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1429 / 743 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Dec 2022 19:10:55 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 23 Dec 2022 19:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
2400797e6cdc3aa0e87ecfcf346be3ddf2179ec973448a82a260c562061a7c0a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 00:33:34 GMT
age
239841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57898
x-xss-protection
0
server
sffe
etag
"477261eabf4dff2e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 00:33:34 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
94168
expires
Sat, 23 Dec 2023 19:10:56 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
211
expires
Sat, 23 Dec 2023 19:10:56 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
18371
expires
Fri, 23 Dec 2022 20:10:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
46eaca8feeaefa95329b8fa1ad2f534bab954d61d9fd2b2eca99862694c730d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1429 / 562 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Dec 2022 19:10:56 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:56 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame B6F9 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 18:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 18:04:57 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzE4MjI2NTU2NzIsInBhY2tldElkIjoiMDAwMEE3MDEtZGZmMGVlYTMtZTdjMy00ZGVjLWE2MWEtYzY0MmY5YTRjMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL25vbmctd2VpLWh1aS1idS1taWUteWFuZy1kb3UtbWluZy1uaWFuLXl1YW4tZGFuLXFpLXF1YW4tZ3VvLXRpbmctZGEteWktbWlhby0xMHl1ZS1zaGVuZy1taW5nLWZlaS15aS1ndW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=5870
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzE4MjI2NTU2NzIsInBhY2tldElkIjoiMDAwMEE3MDEtZGZmMGVlYTMtZTdjMy00ZGVjLWE2MWEtYzY0MmY5YTRjMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL25vbmctd2VpLWh1aS1idS1taWUteWFuZy1kb3UtbWluZy1uaWFuLXl1YW4tZGFuLXFpLXF1YW4tZ3VvLXRpbmctZGEteWktbWlhby0xMHl1ZS1zaGVuZy1taW5nLWZlaS15aS1ndW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=5870.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzE4MjI2NTU2NzIsInBhY2tldElkIjoiMDAwMEE3MDEtZGZmMGVlYTMtZTdjMy00ZGVjLWE2MWEtYzY0MmY5YTRjMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL25vbmctd2VpLWh1aS1idS1taWUteWFuZy1kb3UtbWluZy1uaWFuLXl1YW4tZGFuLXFpLXF1YW4tZ3VvLXRpbmctZGEteWktbWlhby0xMHl1ZS1zaGVuZy1taW5nLWZlaS15aS1ndW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=5871.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:56 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
3013
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Fri, 23 Dec 2022 23:10:57 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzE4MjI2NTU2NzgsInBhY2tldElkIjoiMDAwMEE3MDEtZGZmMGVlYTMtZTdjMy00ZGVjLWE2MWEtYzY0MmY5YTRjMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL25vbmctd2VpLWh1aS1idS1taWUteWFuZy1kb3UtbWluZy1uaWFuLXl1YW4tZGFuLXFpLXF1YW4tZ3VvLXRpbmctZGEteWktbWlhby0xMHl1ZS1zaGVuZy1taW5nLWZlaS15aS1ndW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=5876.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzE4MjI2NTU2ODAsInBhY2tldElkIjoiMDAwMEE3MDEtZGZmMGVlYTMtZTdjMy00ZGVjLWE2MWEtYzY0MmY5YTRjMTc3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL25vbmctd2VpLWh1aS1idS1taWUteWFuZy1kb3UtbWluZy1uaWFuLXl1YW4tZGFuLXFpLXF1YW4tZ3VvLXRpbmctZGEteWktbWlhby0xMHl1ZS1zaGVuZy1taW5nLWZlaS15aS1ndW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=5878.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 9305 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 18:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 18:04:57 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%BE%B2%E5%A7%94%E6%9C%83%E6%92%B2%E6%BB%85%E7%BE%8A%E7%97%98%EF%BC%81%E6%98%8E%E5%B9%B4%E5%85%83%E6%97%A6%E8%B5%B7%E5%85%A8%E5%9C%8B%E5%81%9C%E6%89%93%E7%96%AB%E8%8B%97%E3%80%8C10%E6%9C%88%E8%81%B2%E6%98%8E%E9%9D%9E%E7%96%AB%E5%9C%8B%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-pehX9AjlaoJhT9qcbsBqOA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.18950266841421448&gjid=0.08157092942230726&_r=1&a=4651&z=0.9497097540931185&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c8c525c55cf82a2b7abf6fbfb179c7b8c21f0ae7efef5ddc53372422440444ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7852
x-xss-protection
0
server
sffe
etag
"c0564ce6402f500c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Dec 2022 19:10:57 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 8BA1 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
804f3a8016e85a6d2b7804110d6343dd62b3ea82b75ad47935cda8ded9d1a855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 8BA1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8BA1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame 4C79
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822655&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.20.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-20-78.blr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-length
673
content-type
text/html
date
Fri, 23 Dec 2022 19:10:58 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 362c65c57df97e0bc220116880b0aea6.cloudfront.net (CloudFront)
x-amz-cf-id
ynEDl5VbksQC0ercxfcIa3oLJvH_2WzfjGH4PfTh9A5KER2wDA3LVA==
x-amz-cf-pop
BLR50-C2
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:56 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-1132604523766099173.ampproject.net/2211302304002/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-1132604523766099173.ampproject.net/2211302304002/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame C955 		379 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
1cb4fa3a613558a6b7c1934faaa07718877ee23bc2293cef1c8ab0dc5ddbca91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame C955 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C955 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F2A7 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
416464778048f47e9b1a1b76e793e27b180af754f50095b0fe9a8b00d69f8dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12037
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:56 GMT
expires
Fri, 23 Dec 2022 19:10:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F2A7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 07:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 07:15:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F2A7 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:55:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
33316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 09:55:41 GMT
l
www.google.com/ads/measurement/ Frame F2A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgL36EdgeTWIpr3GURg8i8YvuI4BBqPm_jdRyYOaixZq_pIM8cGujwmEXbNiSLZzZEcoJdWXGilv6JCaYbGvNG7pWSeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F2A7 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:10:56 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 08A2 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-30854241643210942237&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2694&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=99004651&ga_hid=1419883430&dt=1671822656185&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&bdt=4851&dtd=471&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211302304002/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F2A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CA2I5QP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSjAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbITqItkxOvbCAguI-ClF0WYlfE-Ju48FFQfaQyIHzPPlYVRqnjr4YAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=5kw0MLEw-Jc&uach_m=[UACH]&cid=CAQSKQDq26N9s5kgcfaVXSRmqQ5he3NsD5DJpnp2Zp6tmO9KaqwQyNLSlWMsGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 23 Dec 2022 19:10:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F2A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-qNEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQQP2lY0xT9y9U28Q3LhMwABIAAA&wp=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
165271
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 8E85 		141 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c9479f553efe22b49d84cbe56916e43e18a9681728ae30cd6ee79f80ec55ff65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=bbqUvPleI6Zml46cpXPi4CHLFQhrek1nok1THKqwkOEIdg7c8Fj03xiVWUmcU0MhRXhGUyL5241bcp2wvUFVeoSrjbHeCA1zhioNJVPrHcgy7pGsVl49zU_W-1EeVBsfXN053smbNIK_BPsHg_wiAl4uYWOQ7AmBina7t5Z0PbykvWmfyFhsEtxYC-z6EASnakwKOmmDAKdPC0q6AkQOywSb_7YAT6afY2LmW1t2LDrWa09YaaKdBl_LaGA_kZiOR-hhuQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
37165423
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E835 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
76262
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 21:59:54 GMT
etag
48472445140208031
expires
Fri, 23 Dec 2022 21:59:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame B6F9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B6F9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B6F9 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=724482718492426&correlator=1174989023633266&eid=31069101&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1671822656720&lmt=1644386353&dlt=1671822654372&idt=2326&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=w20hodsym3k6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=174527492.1671822657&ga_sid=1671822657&ga_hid=873497393&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
7e55a281b9adb67b4a4873a1ef969218f6fab211ca95276746864e7bf4b7ba0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D27 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:57 GMT
expires
Sat, 23 Dec 2023 19:10:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 9305 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9305 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9305 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1859368706194295&correlator=2352349817848682&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1671822656927&lmt=1644386353&dlt=1671822654391&idt=2528&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ocf3n3z4ar39&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=14346101.1671822657&ga_sid=1671822657&ga_hid=1979813516&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
5e6f7e6b2e2ea0de9d3f380e7abf8e1b8340ca652c0f83f05e15f864237d5f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:57 GMT
expires
Sat, 23 Dec 2023 19:10:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 19:50:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80
x-xss-protection
0
expires
Fri, 23 Dec 2022 19:10:57 GMT
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGKe8QBAARGjxpT_PcfnAsI&google_cver=1&google_push=AavPq0PIjfrwXEl1sYmYY7rMyw--Z3wDbRZnwHplgCLHxbtCewb9WrmTYL4OTuIzXSCjnXMafkbXReXDCABvyj6o...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PIjfrwXEl1sYmYY7rMyw--Z3wDbRZnwHplgCLHxbtCewb9WrmTYL4OTuIzXSCjnXMafkbXReXDCABvyj6oRVKqUqz7eLHsvuhRWmWhcK44FBFotP...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PIjfrwXEl1sYmYY7rMyw--Z3wDbRZnwHplgCLHxbtCewb9WrmTYL4OTuIzXSCjnXMafkbXReXDCABvyj6oRVKqUqz7eLHsvuhRWmWhcK44FBFotPCrCb_gqP0Up9_y1ZDmTEAzqw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 23 Dec 2022 19:10:57 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PIjfrwXEl1sYmYY7rMyw--Z3wDbRZnwHplgCLHxbtCewb9WrmTYL4OTuIzXSCjnXMafkbXReXDCABvyj6oRVKqUqz7eLHsvuhRWmWhcK44FBFotPCrCb_gqP0Up9_y1ZDmTEAzqw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Dec 2022 19:10:56 GMT
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJhKZ8dTMA2WRALlwkjHN0E&google_cver=1&google_push=AavPq0PB1a81agHfsbw4wjgmwuBEvu8AiFIuTRwVm009-0HlLeKhO4ybZTfXIM5SuYoc5n66tSPaHiE3a4qxXLaYE2q8qtJGQa645B...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&google_push=AavPq0PB1a81agHfsbw4wjgmwuBEvu8AiFIuTRwVm009-0HlLeKhO4ybZTfXIM5SuYoc5n66tSPaHiE3a4qxXLa...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&google_push=AavPq0PB1a81agHfsbw4wjgmwuBEvu8AiFIuTRwVm009-0HlLeKhO4ybZTfXIM5SuYoc5n66tSPaHiE3a4qxXLaYE2q8qtJGQa645B4-CUjt5_avYeJPjk0NkBgyg6FSvXjgWIinqJ182JU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&google_push=AavPq0PB1a81agHfsbw4wjgmwuBEvu8AiFIuTRwVm009-0HlLeKhO4ybZTfXIM5SuYoc5n66tSPaHiE3a4qxXLaYE2q8qtJGQa645B4-CUjt5_avYeJPjk0NkBgyg6FSvXjgWIinqJ182JU
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 22 Dec 2022 19:10:57 GMT
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESELKB7xuvNP8VQYA_bXXBpl8&google_cver=1&google_push=AavPq0P7Q2AnnAHgpvJ0TtBvENuhNOiwhEhtSu6zSIcZdoTxQESWKsEd-AJk53kzLOLFcqJBUGk3-AT0jB...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0P7Q2AnnAHgpvJ0TtBvENuhNOiwhEhtSu6zSIcZdoTxQESWKsEd-AJk53kzLOLFcqJBUGk3-AT0jBa3j3EyKy3IiwBZ17s1kogtfvVg92qToCFmPEvIAb_FjE_ISI...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0P7Q2AnnAHgpvJ0TtBvENuhNOiwhEhtSu6zSIcZdoTxQESWKsEd-AJk53kzLOLFcqJBUGk3-AT0jBa3j3EyKy3IiwBZ17s1kogtfvVg92qToCFmPEvIAb_FjE_ISITOMEpleqZKczA&google_hm=dHlldm9tZk1US0EzZElHdzExUzJITXI1b3JB&from_google=pc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:10:57 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0P7Q2AnnAHgpvJ0TtBvENuhNOiwhEhtSu6zSIcZdoTxQESWKsEd-AJk53kzLOLFcqJBUGk3-AT0jBa3j3EyKy3IiwBZ17s1kogtfvVg92qToCFmPEvIAb_FjE_ISITOMEpleqZKczA&google_hm=dHlldm9tZk1US0EzZElHdzExUzJITXI1b3JB&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEOh38hRV6WswN_WIL0eWEpA&google_cver=1&google_push=AavPq0P0Qf6DDDv3MjDOZ5VyyYuRNtSUJIXWpTdIoEsdLn6vcwmLhjl7EOMSt-fNBo55-ULQVKhh_ENI4gto8JVo47sW3pK8BJooYv37...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTNDOEE4MjVDNDE0OUNERg==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTNDOEE4MjVDNDE0OUNERg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTNDOEE4MjVDNDE0OUNERg==
date
Fri, 23 Dec 2022 19:10:57 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPL7Ar6sCIN6GqMnbt0dZ4A&google_cver=1&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMB...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPL7Ar6sCIN6GqMnbt0dZ4A&google_cver=1&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMB...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GVEZNMDJoRTJ1R3c0U2VFZ3RUY0VTWVl3TG1YMmZ0Un5B&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GVEZNMDJoRTJ1R3c0U2VFZ3RUY0VTWVl3TG1YMmZ0Un5B&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMBMesK6nEFCUVCNrO_2EBMFvsSVG-mcyj2o15lU5DYO_aOeIpM2QODwv-nh3eyIWnKKHHZcY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GVEZNMDJoRTJ1R3c0U2VFZ3RUY0VTWVl3TG1YMmZ0Un5B&google_push=AavPq0PPtg4PBmkL37UUveJeEmFVE7I1_kIIerqL2z5z8JNLxp147xePW4-r3BHCp9RNTnpdMBMesK6nEFCUVCNrO_2EBMFvsSVG-mcyj2o15lU5DYO_aOeIpM2QODwv-nh3eyIWnKKHHZcY
date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEOrZ1tAxWeBVTuCojp_rus4&google_cver=1&google_push=AavPq0PEghDfyQiiBwCJ-DQjMmNMdhZhetpuqabl028UI0CmJcNQCsBi5UWiVIJfXt4qcuq_pMTTuKYz5ZhxxwgTnPTJojgoE...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0PEghDfyQiiBwCJ-DQjMmNMdhZhetpuqabl028UI0CmJcNQCsBi5UWiVIJfXt4qcuq_pMTTuKYz5ZhxxwgTnPTJojgoEafrJruddEfBdgE-5OHMY--Q-PUkI...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0PEghDfyQiiBwCJ-DQjMmNMdhZhetpuqabl028UI0CmJcNQCsBi5UWiVIJfXt4qcuq_pMTTuKYz5ZhxxwgTnPTJojgoEafrJruddEfBdgE-5OHMY--Q-PUkIAHb0FtPkgyCtYr6J3o&google_hm=e724d9554197a8d1b5eb245147e24ca0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AavPq0PEghDfyQiiBwCJ-DQjMmNMdhZhetpuqabl028UI0CmJcNQCsBi5UWiVIJfXt4qcuq_pMTTuKYz5ZhxxwgTnPTJojgoEafrJruddEfBdgE-5OHMY--Q-PUkIAHb0FtPkgyCtYr6J3o&google_hm=e724d9554197a8d1b5eb245147e24ca0
date
Fri, 23 Dec 2022 19:10:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame E835
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDB30zsdK...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDB...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&%%GOOGLE_PUSH_PAIR%%
Date
Fri, 23 Dec 2022 19:10:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E835 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNqb5Sq_pXw7yYEjMQgXul2n0xB_Qr7UNzN2BObP1Lbnw34YxZEHAG25UbH1_3q-UM1v5Zo6ma
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 30 Dec 2022 19:10:59 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8E85 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8E85 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8E85 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Dec 2023 19:10:58 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221223
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab1b0a057d2bd20012562459bc3bad3b1ca065f4a566cf988fa180ef5f78513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11407
x-jsd-version
1.0.1565
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-ZZBiAq4leosWkAmBbT+TGz5SwcE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jq60ZfZVhgqZaYt5LbqooBA2ZRPXlNL1OQgguGdw%2BorvLYgxGp44Q8uMI3zxHBGlyvP%2FJBBBj5e4vfUy1bAP3YageuZedwpHm0ADYNmLkxHKqub5Z2i0yzRMBiK1JiUGsBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77e3667b5afda96e-SYD
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=449d5bba-745c-425d-b372-a2090c186009%2C154367e1-736e-434d-ac9b-f6e7a238ebfb%2Cf5f9188b-e51c-4915-97aa-8964b2e5b031&nocache=1671822657462&pubcid=14728fd7-d98d-4a6a-a07b-3e92eae12afd&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8c1f85ae6e0a5dd802e30dd00c9b7c0987ad51c5263b5f7be69a5a67767613bc

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=348550e6-fd26-444e-9f88-3b998c7aa117&nocache=1671822657463&pubcid=14728fd7-d98d-4a6a-a07b-3e92eae12afd&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0ddd2f4d-8b3a-43e1-9c34-5a1d38eb0ed4&nocache=1671822657463&pubcid=14728fd7-d98d-4a6a-a07b-3e92eae12afd&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ac9cce1a-d148-4659-a797-9552907a882d&nocache=1671822657463&pubcid=14728fd7-d98d-4a6a-a07b-3e92eae12afd&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.47 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 23 Dec 2022 19:10:58 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.12.199 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
accept-ch
sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2236c048d9a7f0ef8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2243d4fcd16a144c1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22463abac53a6bb5e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22472b3828553f76a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2214728fd7-d98d-4a6a-a07b-3e92eae12afd%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d0069e32e2c76e4461b6041eeff73b67715f095fa4d052bd7be6e48bd54042

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH5awD%2B2unZh2W7z2klHtCgKI%2FpNEcMQqAUAnRLmfYTcTx4ZicciUpv4gSNOhLI4ln6NxN0IzROgTklNEz7NgV7hbcGotkSzfYnSDIJPU3jSxV3%2FZQsOsTKkII1dzbpMi78YL0GG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e3667b7b0da811-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2236c048d9a7f0ef8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22463abac53a6bb5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22472b3828553f76a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2214728fd7-d98d-4a6a-a07b-3e92eae12afd%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e1c6ee3611482a602b564e35f4b8feceb0c7859b0375a9c90aea302aaf2f36

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rla4O4Y7dcdXYb6SKh9KI3qozgrj3UPIQd1PRiTmCZ1wynPb6rg1NrEUbJa%2FMmXG1NWai6PHBlVVDY4MFuOk3jg%2F%2FiOhJZ6QPynqJRe9dZk6EnHgm5pet0uemFVhNh1Cm4w6KNum"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e3667b7b0fa811-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Fri, 23 Dec 2022 19:10:57 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
92d2e166aa495910bfad5ff12a4f03f8a8f063e504bb8fdaad8c9f61374df25e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 23 Dec 2022 19:10:58 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
81a380442b17611f210e62cf025583f9109499681732a7fc2bf4258c8a60937d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
99
alt-svc
clear
expires
Fri, 23 Dec 2022 19:10:57 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.229.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-229-26.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
11
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5405
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=25547299590
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2961a246d362f458d3a5bc87dbe1dfab9afc77e71518468c763e666171d73ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:10:58 GMT
AN-X-Request-Uuid
bd2853de-9338-4d52-8712-5610ae7823dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.181.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-181-45.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2481a441a4160a00cbe5fc21e2f0ca113d175f74458268b9a9816c11de9f3338

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.181.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-181-45.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0162f5c2c04c2e3e06776a78e5722f4e869c308ae20d53ef91727b71b75c6783

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.181.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-181-45.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6cd9fbfb40522161db11cfdb95d9368da9ce688bf3ec81d762f0e80be60b648d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=14728fd7-d98d-4a6a-a07b-3e92eae12afd%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=f7d35e68-2003-432b-ba2c-b653bcc0feaa%3B6664ae35-7b55-411f-ab9b-967d4e3ddb1f%3B5e0e1442-9593-4a48-aceb-d4be2fa4d2a5&l_pb_bid_id=794584229f3d2e3%3B80e35dc5158218b%3B81ed9ce0968aa89&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.5796557258835429
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f2e0e3aedef1c382d8c85a95c9c68f9b061b254ac659363a6020f108a240c9ac

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8E85 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Dec 2023 19:10:58 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 8E85 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=PBO7XP75XM3tyKw0QFopdBT6cT0utV474FQ7WXAmvYSwj3U5ymuaCcwphBUYATf3HF8gSTPF9q-ezvBodV1YQiIa5sKCGFmgTntSQs2bl4uiyqVYXi78Tk_khTMl7qd5FEqAgzhaLiABlgfq5NUpHP0v-Mchb86E9Jn0PzXooo1ZCEuqKMxSsF2WVRdaA0IcMY6ToaHiFvHryMT2RRFzvekAxw55XB62fjvIGw7zZQKzhV-rON9wpG5ZHkAwsIDYVZKgInKks_oHdqySZduWVhxRjtvD8J0lCqmcbR8pcO636QLYBBWfEz3T7faZUAsEvTPOJuSCEFnoq-PYBVh6x_FqMRP7BJFMDzr08JWn5bfMbFYDZrs64k86GOhFM0_s2bKp6x1X55sbJB_5W5be6K_Ezgra3JF9Kub0KfyB4uz-47kQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3893355
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame F2A7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
066bd0ab3f03c6733036391e59f227c04a34bfb54adcc5f3c2462cde9432e4f3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame 8E85 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame 8E85 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B6F9 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
47bc8c6022c30b4d59914893790af49f7c00436c7e9b5e0694b78e52977b4e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12418
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8E85 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
692537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQ3%2BO9n4ERFUqGn%2FOnl2yonGLvQHskatzHwfqSKx6rIeAGqV68q%2Bu5CJIoWIPcQRZfkv4S1RKFM2hsitHhD7DHI%2B4%2Fpp5pcVVXBlhPfizt%2FOzxo9GQm4oOVQg43xpUu0I9ZmKJuA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e3668098d9ab01-SYD
expires
Wed, 13 Dec 2023 19:10:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9305 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
4168b82173ee871261a5edc235b2ea975443158831c37b0df791078d5c2a5d63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12517
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4C79 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
87752c29ca04281ba59e1451edceda2a01179744538a4fbc4c6c4144de98bddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34171
x-xss-protection
0
server
cafe
etag
15904684532644490222
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:57 GMT
animejs.js
static.criteo.net/animejs/ Frame 8E85 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
807152278c1a495d8e7648f09472bd58_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221214/ Frame 8E85 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221214/807152278c1a495d8e7648f09472bd58_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
908621395b7eb80c47e4db4d95a020ecbf7679b089ff1daa6d071f538fe9b941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 14 Dec 2022 10:25:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6399a487-10013"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
65555
expires
Mon, 18 Dec 2023 19:10:58 GMT
img
pix.as.criteo.net/img/ Frame 8E85 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29142735
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Sun, 26 Nov 2023 02:23:14 GMT
img
pix.as.criteo.net/img/ Frame 8E85 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636486_png%2Flatisha-earring-jackets--flower--pink--rhodium-plated-swarovski-5636486.png&v=3&w=400&s=qEMgMzLX3uRdGfEIZR8sdpNd&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
807fc9e37ab679d6c64049ec21baebcd62decf83c3c64571aca65c209335f770
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30117680
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10996
expires
Thu, 07 Dec 2023 09:12:19 GMT
img
pix.as.criteo.net/img/ Frame 8E85 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5555794_png%2Fbirthstone-pendant--round-cut--pink--rhodium-plated-swarovski-5555794.png&v=3&w=400&s=CsaeZWrNuM154H9Il46aSfQp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47b91d73b2493b07a7f73e4e4fa0f8816450eb1199855102c9fe689dd3af40ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30217589
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5884
expires
Fri, 08 Dec 2023 12:57:28 GMT
img
pix.as.criteo.net/img/ Frame 8E85 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5493722_png%2Fowl-couple-swarovski-5493722.png&v=3&w=400&s=KjVU63iH5appaTFjwo-BbF0z&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3b1aa53419f55a91e749bf5a571ec8ff26f81bad0c3056fe380e237e081e4c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30324572
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8736
expires
Sat, 09 Dec 2023 18:40:31 GMT
all
csm.as.criteo.net/ Frame 8E85 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=bbqUvPleI6Zml46cpXPi4CHLFQhrek1nok1THKqwkOEIdg7c8Fj03xiVWUmcU0MhRXhGUyL5241bcp2wvUFVeoSrjbHeCA1zhioNJVPrHcgy7pGsVl49zU_W-1EeVBsfXN053smbNIK_BPsHg_wiAl4uYWOQ7AmBina7t5Z0PbykvWmfyFhsEtxYC-z6EASnakwKOmmDAKdPC0q6AkQOywSb_7YAT6afY2LmW1t2LDrWa09YaaKdBl_LaGA_kZiOR-hhuQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 19:10:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8E85 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8E85 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:10:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B6F9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:10:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9305 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:10:58 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 4C79 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
0b0d03f54ac0ff7dfed8bebc68b9aec035c0493764a7e598160635fa702dccfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119966
x-xss-protection
0
server
cafe
etag
5241094389626651725
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7972 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
126405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 08:04:13 GMT
expires
Fri, 22 Dec 2023 08:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B3E5 		783 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
6716721517a253dc71068ecb8ef1b78e0a3b24a4598a46b7772045e9df0da96f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_4VxfqQ3YpEdshYBQqzAeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_4VxfqQ3YpEdshYBQqzAeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:58 GMT
expires
Fri, 23 Dec 2022 19:10:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
L2Evbm9uZy13ZWktaHVpLWJ1LW1pZS15YW5nLWRvdS1taW5nLW5pYW4teXVhbi1kYW4tcWktcXVhbi1ndW8tdGluZy1kYS15aS1taWFvLTEweXVlLXNoZW5nLW1pbmctZmVpLXlpLWd1by5odG1s.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evbm9uZy13ZWktaHVpLWJ1LW1pZS15YW5nLWRvdS1taW5nLW5pYW4teXVhbi1kYW4tcWktcXVhbi1ndW8tdGluZy1kYS15aS1taWFvLTEweXVlLXNoZW5nLW1pbmctZmVpLXlpLWd1by5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 23 Dec 2022 19:10:59 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=897
content-length
555
expires
Fri, 23 Dec 2022 20:10:59 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 4C79 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4C79 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame 49A2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.20.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-20-78.blr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-length
801
content-type
text/html
date
Fri, 23 Dec 2022 19:11:00 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 362c65c57df97e0bc220116880b0aea6.cloudfront.net (CloudFront)
x-amz-cf-id
cVpHjNvSIhffh0adWzQOgCgXqJbdjJHjPJH_oNoi4a6lo7eXiaagsQ==
x-amz-cf-pop
BLR50-C2
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:58 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 30ED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
126405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 08:04:13 GMT
expires
Fri, 22 Dec 2023 08:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ABA8 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
e78cdcfdc106dabf4e1c675984596d399eba5487fc28364bc5a493e755bfaeca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6Q7YXei1bY_DANbYCxuuYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6Q7YXei1bY_DANbYCxuuYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:59 GMT
expires
Fri, 23 Dec 2022 19:10:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 7972 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:18:45 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ub25nLXdlaS1odWktYnUtbWllLXlhbmctZG91LW1pbmctbmlhbi15dWFuLWRhbi1xaS1xdWFuLWd1by10aW5nLWRhLXlpLW1pYW8tMTB5dWUtc2hlbmctbWluZy1mZWkteWktZ3VvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1kZmYwZWVhMy1lN2MzLTRkZWMtYTYxYS1jNjQyZjlhNGMxNzciLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjQ5MzQ2MDJiLTk5OGQtNDUxNy04NDRkLTBjNzA2ODk4OTM3MyIsInRpbWVPZkF1Y3Rpb24iOjE2NzE4MjI2NTc0NTIsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjQ5MzQ2MDJiLTk5OGQtNDUxNy04NDRkLTBjNzA2ODk4OTM3MyIsInRpbWVPZkF1Y3Rpb24iOjE2NzE4MjI2NTc0NTIsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI0OTM0NjAyYi05OThkLTQ1MTctODQ0ZC0wYzcwNjg5ODkzNzMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjcxODIyNjU3NDUyLCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI4MmM1MmZhZTIwNWE3MGUiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjgwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY3MTgyMjY1ODE0OH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODJjNTJmYWUyMDVhNzBlIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5N31dfQ%3D%3D&c_b=9014.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 30ED 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:18:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B3E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=724482718492426&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7972 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gRzI2g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame ABA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1859368706194295&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 30ED 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?cGwF6Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		130 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3985648012972242&correlator=2940117625693204&eid=31071090%2C31071256%2C31071160%2C31070232%2C31069102%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=2&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D82c52fae205a70e%26hb_ap_bidder%3Dix%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D7941c0e0b32528ba-22272e14b1d900e8%3AT%3D1671822658%3ART%3D1671822658%3AS%3DALNI_Ma8rNELMn9nq91tjAjK4SO76tchIA&gpic=UID%3D00000b966bbe2133%3AT%3D1671822658%3ART%3D1671822658%3AS%3DALNI_MZMz9Xu5wyI-vJjRL0661bYxRf-Dg&arp=1&abxe=1&dt=1671822659602&lmt=1671822659&dlt=1671822651334&idt=8238&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1356302602.1671822654&ga_sid=1671822654&ga_hid=1419883430&ga_fc=false&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
070cacee7984313ea2a9fd4f8d55cf6c819e14781ff875d36cec31055e85511b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29753
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F81E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:59 GMT
expires
Sat, 23 Dec 2023 19:10:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.63.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-63-125.blr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 18:39:28 GMT
via
1.1 0132a5dc678365e730115a1e95f1a2b4.cloudfront.net (CloudFront)
x-amz-cf-pop
BLR50-C1
age
1893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
mumq7kt7PlEStWKxMozfBQKUB_WmH93c5gWzeLL49PshjiX2tKjh8A==
sodar
pagead2.googlesyndication.com/getconfig/ Frame C955 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
1e49d0cd3de328d065fdcb85760f40558e26350a59177910ff65ec429d27b558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12496
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
14a1b91903b8e949aa724043c8134db57a8fe9a05a6e771622e7aaa2a259f67f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78482
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 23 Dec 2022 19:11:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-122.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 49A2 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
6a72f7af5f417414991daeecc3325d1b5b2919edf90cf28c01ff3097e3abfbfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49467
x-xss-protection
0
server
cafe
etag
154187412797873312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:10:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C955 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:11:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 87BD 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:38:12 GMT
age
516768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:38:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 87BD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:46:45 GMT
age
516256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:46:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 87BD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:37:59 GMT
age
516783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:37:59 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 87BD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:43:46 GMT
age
516436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:43:46 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 87BD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:38:12 GMT
age
516770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:38:12 GMT
truncated
/ Frame 87BD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
649af3554cc38e3eaee5060f1d710ffb62717a0983e8f745d030e3764ab2f113

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
CC_BMW_Auckland_JULY_Mini_Servicing_On_North_Shore_GDN_300x250_V3.png
tpc.googlesyndication.com/sadbundle/12534099469762814762/ Frame 87BD 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/12534099469762814762/CC_BMW_Auckland_JULY_Mini_Servicing_On_North_Shore_GDN_300x250_V3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0f8d5c432cb8c01f6ac3f2ca1b76d68ebd6cbc4c99ce038abd6e1111121e6f03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37641
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 22:01:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 19:11:00 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 87BD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:54:15 GMT
x-content-type-options
nosniff
server
cafe
age
22605
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:54:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 87BD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:30:22 GMT
x-content-type-options
nosniff
server
cafe
age
24038
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:30:22 GMT
l
www.google.com/ads/measurement/ Frame 87BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuT3gbucSt0yaCVC5gmaGKf5zaX9by7_oBEh4TFsdd_WmPbHcbnIyUdGyN1VJ4dsenujpEBx1SnQ3x6aSEiDtzcafiEQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 87BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CI4xOQ_2lY4GtL62lz7sPx9C76AaXrczrbbnCtL2qELCQHxABILqEwDNgq-yxheAYoAGDo6bNA8gBCakCZV5k-sEXpT7gAgCoAwHIAwiqBNMCT9BRXQ6cggMd03db9gmf_iXUvslTQY-eYKBFVxZFN-AJyE_oB4hGFGqZqBiNwrIDx-xvvNwpez_zFWe_R8K6WD26WPw8FdiU4R44l_nybDjE3jy3o9-XUeTffeANxVZgFAI6qgp2w0vXmcSR39d5s6biR-WhE2GRbCLf04-fGidISI7WnA4aGyIMCSiPGTekFqfz6ZISutKAJjHqeNXxwNCx8Zi0h5gfGCkD0Fod4YRFSYPztgBUwCRZhV0c4PLJJLZ8Fa5PLJG30BbKviaBJ93Eh5mkoWs0QbdoRb5z_c5M2FYEKmOOI0nj7A4WjW8SCYiCM6op6AfSkApcYdfF3E3UdhjvisOaUiy2WNFp6D-4VaSCO6kbLWwPoZ7s-JtAvKwn1JIffm6JPzBfwsloMUVWILdgGep0eawuG7-hDuRl89Szp0goSnbZqk9cHe_fcUucwATtiIqFzQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH5dzZMqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKT8BNIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=e4D5u6WWdDw&uach_m=[UACH]&cid=CAQSOwDq26N9Er7Gn_LcUDGxgF0F6GRUnaeCCG2fbcvwfUb-V9jmJqFtQ-TUFgU_FK7yDdSYQszcVOYskiAgGAEgEw&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame E228 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:38:12 GMT
age
516768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:38:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E228 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:46:45 GMT
age
516257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:46:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E228 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:37:59 GMT
age
516783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:37:59 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E228 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:43:46 GMT
age
516436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:43:46 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame E228 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:38:12 GMT
age
516770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:38:12 GMT
css
fonts.googleapis.com/ Frame E228 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 19:11:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 19:11:01 GMT
css
fonts.googleapis.com/ Frame E228 		4 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 17:28:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 19:11:01 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E228 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:54:15 GMT
x-content-type-options
nosniff
server
cafe
age
22605
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:54:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E228 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:30:22 GMT
x-content-type-options
nosniff
server
cafe
age
24038
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:30:22 GMT
container.html
21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F81A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:10:59 GMT
expires
Sat, 23 Dec 2023 19:10:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7011701388613199170
s0.2mdn.net/simgad/ Frame E228 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7011701388613199170
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
011c9f954597c8443845dd193bf7ce5eb694e36f3e46e2f23ba044c7851356e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:03:37 GMT
x-content-type-options
nosniff
age
7644
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157966
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 03:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Dec 2023 17:03:37 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E228 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpuhxcY-6eaGXfT87l_pFJGrBLF2z5aRdHuVhpxSLAfA87DysyJdvde7ZRPovww1FM6Gi9xt3YAmTQFh3V-4YwbuX746bbM8RyR09MRg0h4o7qn0e5JmXgPYVnjb-oUo1W8hAMQkx2MFDcABE6sFy39VzOD-T5Rg8cCpTnsTIGypZgpyI&dbm_d=AKAmf-AYlMTv4qBL9jAjSHEceBFcHn7VcczGOKa_xNsmsa5_xWeht0RkQ0Jdij_VJAa9ufwMHcsApnVPN5_zl10OqBSF9lZURsxsGBRMYADWm0VRZCEAVGV9IdvDvUOnRas_WoP7TuNj1sMgHRIncrhyd8O0eW0fMOHJwQhnchwp1XzEMYGGNfyX93GdOwNHwMzgPPJiVGPrzH4NwtcOKJWjthGvcdIyhdCp2xHOyK5G8rYvFdpJzFy5YyIntzXpqITS7SMQIAeyF2kc4YN3hVmc2XgUkJ3dt_n0nJ-nMxKkv5mpvvJVto3O9axm5ouoG8EQSLsL2JH3aIOK6Y9vWa4UlNJASEWelIKbLVZa-AMI3zQXTDZSTW_snO41oRo8f0VcFsih-76fJ0dWnZsGbcCHM08Yk_piWLPeMXTRn7VV1w8wSoWK2nF1uF7a8stwSH6lHhEu4HAi79hQot8ACRyB8yAQpl8zRfTFoCP61Y4UBn4Z5HtevI-u0YxovOk_8NBA7xL063bDHNP_WIIyckC_wt0pJHqhwulhtjAFM4ukfXXeMJt4vt3pU593LVNFMqHVlAWO60TAnAXU7agEVu4WyPM2NAqH33HZb-KXyIopoG4JVXyJoElOVM8aRG5d8r6oqYfTZsdDRRY4QLOEmvy3DdXOxjO7cJ9PUuXRYF2rdVGef1YwWzsH8OTPFyGh81AeFT9n_DCumMjongjKEe6y4S7D_kjud0BM0TYejEeBgS8SVOV6loL5_EvgQLe5EUixN4YPei6rBygePGI0Ql8k-_1_UZueoOqeNvF_pI2WCG8tlNzJile3a_dxriF4ZePLNoTMBVlZ0sYP1itbpPN7kU-6PQ-jKIEZZlxoPQTTx8TjiLr-fpeJ9-mqfEJRcWXfXzc8rGEYWsFDG3t0JKNba9Et2XcD_Gv7HZMEPHNMRqIqAphxa613I5MUFKh8gL0xPvb51nHH4ZyAkec_V-aMbqOkl-Ez3y4cI1yhQ6BJBqge9Q3Xn2w7xIkljI93s-gy_k3sGnVoXQBOxi_a5eAcHo3E-PR3oBlrUQtfvTcgvLCsKe7Tj5EQBQ3F8kJ0RgPeGS6ky01Pog2VTHGyX1COSPnE1oFTGKMAukARyj1XLtziNjHaCFsfMzp4icMPolEZSE_axyvhwSNsQ_tFb4t-MJQf61RyM3_hwEB4A-rGm5QjXeclHtSX4Ur0pCOOqtM-vPAgEXJV8JZ1pN5OboebZYBntifU1FQDSeEXtTWnYhTTRfua9WMSzXWATBM_3YtLdWUJ-gNZJ2NhULciL2BEJTTMedf7MwJw0cfHe2bl_IEkjSckCYpNG-cSXaXxGK3xJchZyQcUwhzWl8_XxrV45lq_ZVNkmlpQdc6Mdui2oGLKHo3XIy0jSZDaPvNwfsj6uLYuLJABI4XnHlocDES1CVZO1Z5dh_kapPY0ulUi-s-yKyJ-byijJRSzZH64B1xgaPtOxoIuUYd_tXeEYlC11J9TSEaGxd14EZgle5-kmcA5nrDMk3vAblAG0k_c7qGSG109E411zmic2PJxPP9N-WVHnpspOd-Eg9v20fdZ2IGRdNZo6ynqxNliOQZwP-pFda7otSpRJ1RRMe6I-QH5u03v6UOx-eQsa09FNMda-i-XOJ-dWcZbdMowacIAlWihOHP0t7U0OZtZw9vRUPsRdANcbYOZ3CstjYj7tZNIFx974swOlzA1EhWpuRpgLu0TcYQX3gG8bnVLctSL1ptesPGT3ak5k3K_0edE17RgS8oa0gMrgL91fi4b85Q_qDq-GS9KJv4-Fq-fBWLEb-rW4emE6r-Egv2LefnPKPs-9WVRz61g9_lA08EBKEK8G8VrWT5R6W6K2Wc0xulIfewi5sNjeCQXmNSPRmniKNdo4iTPFiBlNHOPzlbfdcMb60bPHctZlzO3eY-_4K31VhOY-ecW58p9tAUAkmhhmDY6gkWR1dWYd3Vv5drAJ-9lIkcQOfoVwsLnkLKaRt3JtOwG-j2mKFsvgpgF4JeHtVibJGxbopzUiVuXAoyTnRyOoE9EC1CqbDFgQD6d62a8ywgbJjFl8POIYTo8OLLkNhF4hQCSgzqM5_QkkhYxyOAvBNeg3XFbIBTB9yK04lKs6E--7RpLy7HR3CQcKBH-3ONz9_oKSjlOSJnDohIaHayQbwKRG_vQEN_TM9UcOPHQtTalvgj18jazZF4uEDlWUyxFR6msG1y-plUBYDuy8bT5dzpy09XUoDoDxhLOZDmFjvprHULf8Efs4hO8OPahTPGv-1Wku7BGdQRRe_eh3PzbMkkn_61T4iOBZV--WaaYCUCveirUucsTq3qTrcXWz-Gl2OHsIUT0S4qYl5facb8LXdjoCA2_T4tjUXVOAEccDgdpKpdzevaqMjFFJ5iaDZvEYy2psARZ2OWtzCVL5SXtZBNU8P6Q2pDTL_z9JTuodNevJRcSh9TsqmVuyTMch-aatxaMKnD5rHEpEpcoUHY0ftCR0N_Pb13kXdHiFu5m-v51cWyRJiaMY0FmFcG0RlH9LV_i805xCI6iM79BKwhlaNH9OVyJPIrdHddHqXDtWDcSIedIGA--IUolbgfcLuET8DoDM7QW3779F-lo5QKNNT-VTrW1TLZPrlFI1im1uhmeZZ7O5S5eZDkksgdOMdtrruRWaamcpVDuI0xMA4pIkj1HLOH7tw74Wzx2lSt6IbSdRV6C4OmHKfvBuhpHnzhTpRngkO4BIaBG-JayM3tGJrMx9zs2FkJUHBARM9zxu4U8JWIxbcuaZ0xqwZHpw5UhZbuQyQmxwnBeXfB7Uv6vqJKarT2_yICKjRv8ipyn9D_yOijJiyPuYGCPtOlIP0RuHwVt7lKO4wGVvqGZgnn6BF3M8hP_aBOX6i1RjSRxvjF38V_Cc0IJtUtU1GsdoTByYYAQkUmD30Q_IELOKLHxVlTRF1Zhq5uX9gtQYXAINjpit8KDd5h82zdLsflOIcstWYEqsdy_fm5pZw34GTX3re_AtHgK0NR75wi1U6hiiTNcnPPqLAXMcu6kn5qmKWXmQ2YnM8kD3y6F1cGDNPJDLF_H_hujoaTCsAdAVho-eJNOWUeT1IKvu43hOxgy-QrgazJQ7QlDw2lrA_scObuXtkSmIOelgFU_Ll0-qMOKpywRKOtvxECAmrjfVQ4JtvJJPiP5ErMnf9tQyA5L-B5hq93ML2Lu_Bv7k1uHQWVnXBD2O6AVdlFm7kKLRhq2UVze2Ggs6qlsFyoXju30krUpdSdRfHjUrkiEI1TG0DG9hTIa_C7P-xfggRQJc4TLw_rchvLcUKPHgHgaIJg_MWIWX6NfqrcuF5hOhf_5joewCeuUC7MFV1K67fmJJ5R8SH2uqwrFaIy2Mk8BfbBIDkYobuIcmaIb99Cy-KfWyMScK_2c2JIpYWi6E9XJXPXAi7j_dyU2tuw0xapWsShswlnfYyOYzZZG3WLKEyGqrBPbarucm4p5x0NyoON3pG_-S-l_fCkIRcfruL3tJV2LVB-tPdR5GV2vCZQj&cid=CAQSOwDq26N9Er7Gn_LcUDGxgF0F6GRUnaeCCG2fbcvwfUb-V9jmJqFtQ-TUFgU_FK7yDdSYQszcVOYskiAgGAEgEw&dc_exteid=278516680365694609&dc_pubid=4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp
www.adtrek.co/adserver/ Frame E228 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adtrek.co/adserver/imp?cc=d308511d-2bb6-4407-bceb-5f28bf2331c6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.150.39 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-150-39.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:11:00 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame E228 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNdjFQ_2lY4KtL62lz7sPx9C76Abz25DLbaeIqojvEP_Ror3AARABILqEwDNgq-yxheAYoAHu0_ySAcgBBqkCZV5k-sEXpT6oAwGqBOIBT9Dg-NR3B9g2oGyRJWDhxaJiSkCf5RQ_xU27nIiHSWsguz9esYmWVDlKcZIVd7Lk4eIJocwXVsNFcZHcNHwge6ZRK18rHkmDrPSiDz6lkxPIPcO9xXDOPIxk1cTeYAMaztLPbal5EarRY8Es4hHU1KrxZzZDVYzde3yzjNlnPKeSyfkGjHgcQBXt0g5lmaD7nZG-JUsq2IVqTZQbxigNVnD0_kU4EAG1Hk9tuotmYmg81juGrfvvr7jUNz9reZuDGXPxWlr5SVwGfgw7xyZEz4_CdCM6nNbjSQWvq6WiusahfsAE8saj_ZsE4AQDiAWP4OzvRpIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH-quD7QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCW1gcY652x2wHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwGwE4X7txHIE9f2vuED0BMA2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=hsKg6B13g9s&uach_m=[UACH]&cid=CAQSOwDq26N9Er7Gn_LcUDGxgF0F6GRUnaeCCG2fbcvwfUb-V9jmJqFtQ-TUFgU_FK7yDdSYQszcVOYskiAgGAEgEw&template_id=509&vt=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame E228 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQya2MTlFaxI8iQVzF3mZKyVuE4HCNm5O8SXQaZ1rUslKWpqrX7i1cQvmbNzdnmllNOuBnHqhYry0ew0NWzX_Bo4LwoVQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame E228 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aac43007a50c3ebba3adcf81f6d8e46af67203a6338e8eb169557ac7ee404fd4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame 49A2 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e70d35e1737bf13c05cb1b5137e47fc2fa98509970f3aa1e352be20217ca7cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120016
x-xss-protection
0
server
cafe
etag
12267067891708134194
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:11:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Dec 2022 19:11:02 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 49A2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 49A2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 793F 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822660423&bpp=3&bdt=595&idt=379&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=2410723168487&frm=8&ife=1&pv=2&ga_vid=459637066.1671822661&ga_sid=1671822661&ga_hid=356800596&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071220%2C44780792&oid=2&pvsid=2123180810527031&tmod=146163553&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.pxn7uwpqy68q&fsb=1&dtd=397
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C1C4 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822660426&bpp=2&bdt=597&idt=404&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2410723168487&frm=8&ife=1&pv=1&ga_vid=459637066.1671822661&ga_sid=1671822661&ga_hid=356800596&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071220%2C44780792&oid=2&pvsid=2123180810527031&tmod=146163553&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.m1m12fhrwgfx&fsb=1&dtd=409
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=820105251;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html;uh=e51ed67df...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=820105251;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-687585939-1671822659633;pbc=14728fd7-d98d-4a6a-a07b-3e92eae12afd;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1671822660952;tzo=0;ogl=;ses=dbd52fa1-9a44-4812-ab14-2be53da94e0c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F81A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjxwbQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoExQJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRM8kN2i2v_sLtrdwt7pjYh6FNhN4TXs9tneaeXuyD-NDFmuyjoTq4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=rDLDcOr9ZCk&uach_m=[UACH]&cid=CAQSOwDq26N9Er7Gn_LcUDGxgF0F6GRUnaeCCG2fbcvwfUb-V9jmJqFtQ-TUFgU_FK7yDdSYQszcVOYskiAgGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F81A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kOqNEvn1BnjYBGL4LRICAAAA-ONZtFtuTcMQQ_2lY-Fh2gMOLOQDbG7OABIAAA&wp=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
182353
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 5CC3 		177 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c036d0a0c042c04b1caf869bb1b4f357b9abb47479fb08a697fdff743c49647d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:00 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=DbAZ2vleI6Zml46c_pWPUuscwWLd22Qao1JHmshw14eK7REFbqe4xMWbINLMhifQNYMZrDjVbFehim8iInd4JJSEB8jXaMRVNnW8raXmzADUi_fGR_WiXrgBLqAnrnBYIkppv0LGbHWvUhZSBglqC3DKDLZIiWW2G9efMqUhBtN3grOZoDgNCus9dvXd-vW5JG_mVqemrg_Mjg8b9kfNL-weKb2qWIVsSAyHv5ln-KNA48RKtaMUJ7qzpayXZvuoPF7vWA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47992017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F81A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 07:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 07:15:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6DB7 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
76267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 21:59:54 GMT
etag
48472445140208031
expires
Fri, 23 Dec 2022 21:59:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F81A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:55:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
33320
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 09:55:41 GMT
l
www.google.com/ads/measurement/ Frame F81A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToI8u4sH6QtObWQa3EPW5uau2OWLndBV_e0t6KHhH5nA_gdFspV5Z08CJCzxdb7kR7DSPETf5ycoWbp4bqmkYN_Gd1hA
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F81A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
369786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Dec 2023 12:27:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F81A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:11:01 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=1419883430&cid=1356302602.1671822654&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671822661&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&dt=%E8%BE%B2%E5%A7%94%E6%9C%83%E6%92%B2%E6%BB%85%E7%BE%8A%E7%97%98%EF%BC%81%E6%98%8E%E5%B9%B4%E5%85%83%E6%97%A6%E8%B5%B7%E5%85%A8%E5%9C%8B%E5%81%9C%E6%89%93%E7%96%AB%E8%8B%97%E3%80%8C10%E6%9C%88%E8%81%B2%E6%98%8E%E9%9D%9E%E7%96%AB%E5%9C%8B%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 49A2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
b5f78b0fb5d317c876a6708c5b12ee62d82058a57bd1bf36e1caab1717849b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12431
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4C79 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c72b9b76dd2dbdf7a9faf8f1f8775d0f1f3dffde8158be509483d4c8fb65bff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12606
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8BA1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
5290e4d5773ed01be64940bcd1a9ff70ae09122c0af373bd12d47c83c3606a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12671
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E228 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:52:55 GMT
x-content-type-options
nosniff
age
163086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 21:52:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E228 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 01:18:05 GMT
x-content-type-options
nosniff
age
582776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:18:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E228
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 23 Dec 2022 19:11:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B6F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=724482718492426&bg=!o6CloOTNAAYgquz3AKo7ACkAdvg8WlO4KVVnfwImYOE1vDJZokj48y8L17HfUxfO8-rKu64VkQZVTwIAAABfUgAAAAJoAQeZArIkZxEIll-vFClG6g7__Cel3StWNRc1opm2NnYqTr3-wkiYNGTa5KAh9qa-edv6Kcr-mWOKCSHfWGhDRoTeT01Lfwkgmw24ElJUON7DGsvvtp1VnxpATzjo6Q7CBucbtwl9oNsWU0Hr6FQGe6nvIQ3IndYtke9XbR2zDjGeYQe5NJQ0g3_9-P3bRgiGX22bcx6KDPMheME0_I--hlqZeVyC5wa1v_0Z1ymDMx_H3shn12pVudE-AVyMGujnPy6gZoxFnWQYT5Cc1dJhj4lvx1XQJBAiLUxxrvl0sh77iiB5oJS9wFPsLvb4IvjFj4Modyid_Y_JAgAwBKdq26klMuKLJQp8p6LI2g-a3sBs0fsoKmwXuiqSJo5aIvKA2rPxg1wIUdRhh1yK1ZwKodPQ-VMukdPY68Xds2M5PnGmYh4PBzmjlEoZaOrEHywi-MulkVMO_gVKr-GUGHHH82yNw0tSOjWizsMLMEHZ7Ii2rW3YA_r5b1dnV6Q_GqbVyDVtclA4xehoic9yMYacJv_xB4gmMPFkJe1aQ1WOFcnzZZIW2miKHv6PtwFmpeuQ3sa5Wkd0TGgun5gTW1ssQ7NsAlopOjbEdCCw1Xrmz6-IPRwKpYe91f2G2oD_2xMaF6OGUjQflIJsZ5rnd7_js8VCzQZSKCxpFrJyLk3uwwac-xyOrBuuO6XUk0enm89_rDjDdBAL95RX-F7NiB3loUXsMGhDak4Y8JrgS8MZSua4Ovikd2m1uIBMxDFM-ILqXBSujr5QMMQtXwQtteoZ-aPE-BY2p6FbAwuPMTUkZg39a40ybsTeBiH25ianVilqxVq39E-RwY-fQ8Fb8OMTUPNI2rZYcpbe7HRjhJBNeXZ50xpjJDrmZ4tXzUZ_I1IBlcWykJV78aiQUJ-ygEHIOM_qmLaoh1M
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6DB7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBUIWvqP7pZolI-_l5rJWD4&google_cver=1&google_push=AavPq0MjcIiMnxkVGdqsCawNxPccV4uD8EmaBDBWMRu8Zk3_G63kr8qFy6Zd97ZCvTcJddM0UHKdPR6GMwH-hDqwUwVc75rZj4lj
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ4NTI0OTAxNjgzMDE3OTQ0Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUIWvqP7pZolI-_l5rJWD4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUIWvqP7pZolI-_l5rJWD4&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBUIWvqP7pZolI-_l5rJWD4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 6DB7 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDBqfRSTzLMq5QjfewFtTqE&google_cver=1&google_push=AavPq0M6mQywzhBTJnoe3td9w1WP5yin27HcrWhbTX7-46HCmDeMGMinD-O_6Z-SoAUSxdmyrPQ7Ylfm0w8RAsvH2GyqxBlE6xx4
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DB7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJA6RhTQKGNq7BnswZnFvCA&google_cver=1&google_push=AavPq0MA1t5iR1GdKeXxPCgKSIv8_7HpwMaY2KoF2SjvAQAanbnrCZD_SijI4Nj3ZE3GOg_HegyG6nyvHrA0yyuaOz...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJA6RhTQKGNq7BnswZnFvCA&google_cver=1&google_push=AavPq0MA1t5iR1GdKeXxPCgKSIv8_7HpwMaY2KoF2SjvAQAanbnrCZD_SijI4Nj3ZE3GOg_HegyG6nyvHrA0yyuaOz...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTdkNjM4OGMtY2Q5Yy00ZjljLTk3MzItODA0Y2M1ODgyZTIx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTdkNjM4OGMtY2Q5Yy00ZjljLTk3MzItODA0Y2M1ODgyZTIx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTdkNjM4OGMtY2Q5Yy00ZjljLTk3MzItODA0Y2M1ODgyZTIx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 6DB7
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEAEbrwtYdQTzvmOf498-K0Q&google_cver=1&google_push=AavPq0OZYjKZnLGVin1syBm7u1gOo3n0SLFfmuibNo5kaRLwT1rBZsMk2BEzRlVwZ_xg2ybZYGAe5cWIX13533pV7pxokWKx...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0OZYjKZnLGVin1syBm7u1gOo3n0SLFfmuibNo5kaRLwT1rBZsMk2BEzRlVwZ_xg2ybZYGAe5cWIX13533pV7pxokWKxWxoeMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0OZYjKZnLGVin1syBm7u1gOo3n0SLFfmuibNo5kaRLwT1rBZsMk2BEzRlVwZ_xg2ybZYGAe5cWIX13533pV7pxokWKxWxoeMg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0OZYjKZnLGVin1syBm7u1gOo3n0SLFfmuibNo5kaRLwT1rBZsMk2BEzRlVwZ_xg2ybZYGAe5cWIX13533pV7pxokWKxWxoeMg
Date
Fri, 23 Dec 2022 19:11:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6DB7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ7AEqGtZZ91i1n9OeKJJuM&google_cver=1&google_push=AavPq0P3Uhg76qnKcM8mCMJhY-MZ4_yN6E-NYbHLY4GZTbdTGma8FN5df4L4bKKnO-NFuRY_d50Cy2iShas7mYsZ3n0hFvl...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P3Uhg76qnKcM8mCMJhY-MZ4_yN6E-NYbHLY4GZTbdTGma8FN5df4L4bKKnO-NFuRY_d50Cy2iShas7mYsZ3n0hFvlrmvGR&google_hm=eS1xb1ExOUYxRTJwR0NweD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P3Uhg76qnKcM8mCMJhY-MZ4_yN6E-NYbHLY4GZTbdTGma8FN5df4L4bKKnO-NFuRY_d50Cy2iShas7mYsZ3n0hFvlrmvGR&google_hm=eS1xb1ExOUYxRTJwR0NweDNwdFpvMkxHX3JxdGR5Lm9IM35B
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P3Uhg76qnKcM8mCMJhY-MZ4_yN6E-NYbHLY4GZTbdTGma8FN5df4L4bKKnO-NFuRY_d50Cy2iShas7mYsZ3n0hFvlrmvGR&google_hm=eS1xb1ExOUYxRTJwR0NweDNwdFpvMkxHX3JxdGR5Lm9IM35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6DB7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESED86yME5O7iazww1Oif_hX8&google_cver=1&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6J...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESED86yME5O7iazww1Oif_hX8&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6J...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6JoeZQ7b1AtZtwo80&google_hm=YUFUM0dTSExoN1BTUnl0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6JoeZQ7b1AtZtwo80&google_hm=YUFUM0dTSExoN1BTUnl0b3JKdks=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0PXyBaXuReRaJJ25uXiV8AZ8_PkiN_fW314PfaYJX6l4ofMn5AUn9WpEXan3_N1UtCZFmNRvXnhXrM6JoeZQ7b1AtZtwo80&google_hm=YUFUM0dTSExoN1BTUnl0b3JKdks=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DB7
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEB9nXDp8_FMK2pGSZbr9GdI&google_cver=1&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEB9nXDp8_FMK2pGSZbr9GdI%26google_cver%3D1%26google_push%3DAavPq0PqELmujWVqFQ3GoO...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6543217025203167527&exchange=193&google_gid=CAESEB9nXDp8_FMK2pGSZbr9GdI&google_cver=1&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4Zyro...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1NDMyMTcwMjUyMDMxNjc1Mjc&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1NDMyMTcwMjUyMDMxNjc1Mjc&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5FiCp6JUerLklHrtT6Qxvdho
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1NDMyMTcwMjUyMDMxNjc1Mjc&google_push=AavPq0PqELmujWVqFQ3GoOqFjDE9X-t2ozN3dr6Hj73yEUd4ZyrowKeSXyGmcegK3NJjfRcbXVgrNav5FiCp6JUerLklHrtT6Qxvdho
Date
Fri, 23 Dec 2022 19:11:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6DB7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRX0HbNAIaKqMJXUGjm8VBgqN91cll7pxCJZmfYFRoiG4kFyC2ydVDeLIVk6Fkgm7S28koWQ
Requested by
Host: 21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
URL: https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5CC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:01 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5CC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:01 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5CC3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Dec 2023 19:11:01 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5CC3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Dec 2023 19:11:01 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 5CC3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Ff6JEhggK5PipYfv96DhSMG5nZMHmJxuGdslQpMDebZuVBbpWEiDKpyGzr8GPcozjz0Ir1uM71GS6FKuCgVBxhmvjEGlUnkb5fwmysXN_mSmQ6NhC1GHtGLgjvj4htTssxBBWGvWv8GOte7QbLbjUxr3qybS5xnPiMVvkuEADdFTyWmE3Y-guQ13GInAEJwu5Z7CotPWsJE6aEwFFi7qeepxVn2dZfMfHoH5JO-7O6xcMR1Ea1tJge-aqGvbKcUhjJ-SGu-yGWwA0kBcTaOM-IWTgDKzXChZvujfS28csNExCy_voINjSjGY7-4goGoXARzAozrC00DZlPo92qyRZ320kD1LdhPHvEFNCr789MAKdNloAtMin8ufc7G0pnnQzl5y4Poz1o80pEYyDMz_3ST9zjKqlYW-KkJIi0LXMU_6bjOF
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2926545
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame F81A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7539264b1d71b6041ec467c1bb92211b8780bfe5f5eb79a98b0645b5d9685f0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame 5CC3 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:01 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame 5CC3 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:01 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5CC3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
164118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRtpsNSkkZjZYTIo3vRKRcNCQECv9UF1bi4QFMYHJZSw7Dan6aNJNCyEzVR60vNmJFUAb5nR0Zh8%2FbhqSs1fQLMciLG0sNkQnImnnY5Lf1gTDuB1i0AEd2W7ixtPgIzthx8DccaQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e36693eb3fa97f-SYD
expires
Wed, 13 Dec 2023 19:11:01 GMT
animejs.js
static.criteo.net/animejs/ Frame 5CC3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:01 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5555794_png%2Fbirthstone-pendant--round-cut--pink--rhodium-plated-swarovski-5555794.png&v=3&w=400&s=CsaeZWrNuM154H9Il46aSfQp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47b91d73b2493b07a7f73e4e4fa0f8816450eb1199855102c9fe689dd3af40ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30217587
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5884
expires
Fri, 08 Dec 2023 12:57:28 GMT
f910b93bf13b49e59bb06286e9cf623a_cpn_120x600_1.jpg
static.criteo.net/design/dt/85833/221214/ Frame 5CC3 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221214/f910b93bf13b49e59bb06286e9cf623a_cpn_120x600_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
84431b09673903e5a29eb60e990cba3993be8d86653aa00f29b452c0a9ae36ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 14 Dec 2022 10:25:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6399a487-b9f3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
47603
expires
Mon, 18 Dec 2023 19:11:01 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=272&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2F36d2b6f6d576413da169b639e8ed0853_brandlogo.png&v=3&w=236&s=xGTGfYT8H6zuwIoFygtSp65-
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e428c3064b0321610652c2d3ded381e90372f0b2e4f3b9051f40a6e33dca4a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26460014
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5954
expires
Thu, 26 Oct 2023 01:11:16 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5572701_png%2Ftahlia-ring--round-cut--purple--rhodium-plated-swarovski-5572701.png&v=3&w=400&s=f7QOYUQh9htMi2gQgKdVT0p7&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b196591de27fa054b52f1a9a310fa27b1d1b71beaf99030e24361378a87826ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27040915
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8256
expires
Wed, 01 Nov 2023 18:32:57 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5613740_png%2Fgema-drop-earrings--asymmetrical-design--mixed-cuts--long--multicoloured--rhodium-plated-swarovski-5613740.png&v=3&w=400&s=GmaMXzpD9JFD-Jg6vZ3bKdAx&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
21295c187205746a49fa6654b6bff00a75127e2c58d51a5432802c03ec09632b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=26668652
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11900
expires
Sat, 28 Oct 2023 11:08:34 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5437517_png%2Fswarovski-symbolic-pendant--evil-eye-and-key--blue--rose-gold-tone-plated-swarovski-5437517.png&v=3&w=400&s=HeLre9-A3-qPQTYjjCUrWp_i&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47615049f5f0592554f49d2fc2810b036dec70f4fd0d4f4492cc5f50e718e604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30136556
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8552
expires
Thu, 07 Dec 2023 14:26:58 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5619441_png%2Fnumina-ring--pear-cut--green--gold-tone-plated-swarovski-5619441.png&v=3&w=400&s=y-NSpSt1cAMvnsUqutpSJ4R2&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4953b6df98b0150cde8923d06dd202e9ec5fd9e37007ba99210f676fda12ea9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=26491557
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15302
expires
Thu, 26 Oct 2023 09:56:59 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636485_png%2Flatisha-drop-earrings--flower--pink--rhodium-plated-swarovski-5636485.png&v=3&w=400&s=qvV6jcfUuDjkDp9thjahAgZo&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c8f527a5ca341ca08eccbd601c2070bad6453df8387b58893c54c1faf0735c20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29338338
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14326
expires
Tue, 28 Nov 2023 08:43:20 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5625988_PNG%2Fannual-edition-2022-ball-ornament-swarovski-5625988.png&v=3&w=400&s=nLY5o0BbO2wPTeEJ6Ff4d_CV&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
66009e608de3ff4f950fa50020d3b3efc62b0051e2f3f69c764f5bf21ce0d029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29503702
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4596
expires
Thu, 30 Nov 2023 06:39:24 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5610981_png%2Fsomnia-set--white--gold-tone-plated-swarovski-5610981.png&v=3&w=400&s=4c1GxeOyNqupx3CuvgwZWd4V&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
65e9b0e1f6bbfef0d60d8e35626cce51780af138794fc255930886c7d86463f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28551763
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6132
expires
Sun, 19 Nov 2023 06:13:45 GMT
img
pix.as.criteo.net/img/ Frame 5CC3 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5672639_png%2Fgolden-goose-super-star-trainers--women%2527s--white-swarovski-5672639.png&v=3&w=400&s=Fhv471sWPIGCxMBj7MrhhFDL&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b34bada35719d05dfd2186eca5611db1ee1ab052207a7d008fd0a0a47e40bffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31094883
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11720
expires
Mon, 18 Dec 2023 16:39:05 GMT
all
csm.as.criteo.net/ Frame 5CC3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=DbAZ2vleI6Zml46c_pWPUuscwWLd22Qao1JHmshw14eK7REFbqe4xMWbINLMhifQNYMZrDjVbFehim8iInd4JJSEB8jXaMRVNnW8raXmzADUi_fGR_WiXrgBLqAnrnBYIkppv0LGbHWvUhZSBglqC3DKDLZIiWW2G9efMqUhBtN3grOZoDgNCus9dvXd-vW5JG_mVqemrg_Mjg8b9kfNL-weKb2qWIVsSAyHv5ln-KNA48RKtaMUJ7qzpayXZvuoPF7vWA&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 19:11:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5CC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5CC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:11:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 49A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:11:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9305 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1859368706194295&bg=!2dql2p7NAAYgquz3AKo7ACkAdvg8WrCjYBkzSo6J0BQ0hhLi1AsuAj7L_rh5X-1i5fi96l9lCvluTwIAAABSUgAAAAJoAQcKAL79wYqY_SL1MJ7bihNrSRCdJQNCoTlFLyF4BmIfn7OxFRwtwfbZ0PZx-lEVty7-cwK4dfmJ91CaVvpQYhi-0nm8iaRr6teUzLTwDRAyqSRIJYcwSu4gpsmDfmV5z5OPodLOS3OL7UkHpMGjGu3CIO5oEyYPnM5YaP6q5d_VZW-VQ-9dbF8HJCyLqszPhY0ZIcauGaSsm4qtogpksjjsNo8A-8BYtd4Z0UhIVH6if6hOADA8PDZLIntwGs2lxdOgmQK_HggijxEZHc5rWTBcAD2H4WgK5xmPeE1jSlp9Bs2lQmgauM5EnYX7eQxHHYmca61KJSAsR2g4XMrRqZvoa3g1XHXOfHaB7jd3XQ520WBax6fW3OrtZpagNPtD1_BZ4XVdNvzI9W9tEaVTNG0fv6sbko-iKsEWMccduHqDqvvfbvCYXMMSBD_1zgUiZdcqWcoM3h4Ovyp7vagap0-MdHCMwdqJwMOKx6Ud79svf098ouhSNOeFOJzCl-g_qXr1GTGdhyikaJSubHwO2HCrCTEVUtsczZJM66h3CkwKM7Z3QGhUUOwQDyNyL6j3brUSE0JWg6Wkbd3WJEV3HeBdf2e8ooayq15kYccRUxvqiTQfQ5SwWnnVxGN5wsaeEUvidWlSYmQ60HW7UBi2Hc_OyNF000ghazpJz9Pvpjq9szcvzrPR-ETwCY5ZgQ0oOAAAchUu4TbZQb8ZwgnoIxcvjwyE2uI9jJyodP_5Q-s8_RgMgefhlSNRmMxhwHeSXGRbCRLjKZ6u-Z88O9h9UW1aO9pkiddMqEREiFKH6zqqSWFYNbpIduNGnHCc9xlsWM-y6W-lmick8euElmLeHRQ33zt0Ztheg_sopSl2P8KMPMfWhhpakUb067I78HxNBFE1mWn5U6d4W_g9z5Gp4ljY80C9HvhldcYVP8iGod1rR3hoSszLvHpP3DU7mblezXHbOGNqOgu0bHKlmxS6YMMI1vrlOandnkKE5_oK-XDTPq4xllYLbT8qNQXjDZKYZDIqkETmgcamfjZzMJl6vbHLPIvAkpvH49q1ERuDKyE1gYKt9WFHGPvGBRbSvr4dL5q_ExrTubsw82VrJlImyw9IsHxGnV8plsRNK5Gip4Gt5sE9cMqZfmbGFrfTQUXyZkv3BYVqsyel9pghryJQ9FFvWmNWDrX3dtAFGFHUZ3Xy-rULKg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8BA1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:11:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4C79 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 19:11:01 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Dec 2022 19:11:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
224139
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		348 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2012105ac978c62e575894c1199358b7f7c1e34cf337780596ee119520a1f6a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1148191
expires
0
rid
match.adsrvr.org/track/ 		108 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
330c3d58f45f0f4881b919b21e8d52b64b771cea5c8a6e7a3bb4242a48890b43

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 22 Jan 2023 19:11:01 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame F8E2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
327
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e366965a881c4e-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:02 GMT
expires
Fri, 23 Dec 2022 23:11:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 5707 		533 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8cb9da1fc81dfbe95c1c600707c7c883ed5bf6bad1990ef33f4885c43089c2ff

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Fri, 23 Dec 2022 19:11:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 3A78 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
84775
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 22 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-id
kbk9dAk0Y6HSdPwxY88635_bprmrfsj5kkw-oXymYIjg5TGP9qnYRw==
x-amz-cf-pop
DUS51-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 68C3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1671822658605
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
4f0d5e5e64ae4f984d3b862c6989277c01d12e8c70fc20fd4ad666a6ea3a5ebe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1375
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 6C02 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Dec 2022 19:11:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9A31 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85652
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Dec 2022 19:11:02 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
11, 316087
X-Served-By
cache-lga13626-LGA, cache-fty21351-FTY
X-Timer
S1671822663.637391,VS0,VE0
sync
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bc729d2d22db6d55e5ecef95ea6c2d7220cf6b8e10a6002d7c34761321cb7d70

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1138
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:02 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 23 Dec 2022 19:11:02 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 11AC 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8b12d0784231c48f9c1b14c103b42ae6f48de739c600c308bdb920dde106a731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11800
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:02 GMT
expires
Sun, 25 Dec 2022 19:11:02 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sd
us-u.openx.net/w/1.0/ Frame 5707
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5707
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c7deb08e-700a-759d-faad-f67a8ec61900&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=c7deb08e-700a-759d-faad-f67a8ec61900&gdpr=0&gdpr_consent=
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=c7deb08e-700a-759d-faad-f67a8ec61900&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=c7deb08e-700a-759d-faad-f67a8ec61900&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 5707
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y6X9RsCo5sAAAJ4DCb0AAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y6X9RsCo5sAAAJ4DCb0AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 23 Dec 2022 19:11:02 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.197","key":"Y6X9RsCo5sAAAJ4DCb0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad208"}
X-SO-Key
Y6X9RsCo5sAAAJ4DCb0AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad208
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y6X9RsCo5sAAAJ4DCb0AAAAA
Cache-Control
private
X-SO-HostName
m-ad208.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-IP
116.90.74.197
sd
jp-u.openx.net/w/1.0/ Frame 5707
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATB5jcBa0MHxks8ADzHosMBdKc8AAAGFQGVeug
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATB5jcBa0MHxks8ADzHosMBdKc8AAAGFQGVeug
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
via
1.1 706c647442c234a140558b049b967cc4.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
BLR50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATB5jcBa0MHxks8ADzHosMBdKc8AAAGFQGVeug
cache-control
no-cache
content-length
0
x-amz-cf-id
KsXWpmEH-PK4ciZZ1kEKkTTeMjhzjyWa5pwV_Ql0q0_6tSFPynJ5RA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5707 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJiMTYzNDQtYjk3ZC0yYjM5LWVmNGQtYWNjMzQ0MjRkNzYw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5707
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvH63tTOrW8OjHCerc41lI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvH63tTOrW8OjHCerc41lI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvH63tTOrW8OjHCerc41lI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B84 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
126409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 08:04:13 GMT
expires
Fri, 22 Dec 2023 08:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5A67 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
457286a1e316aabd1e27f835fbbb1d08c1c8d97e07cc837bc82c50af95cb54f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H-CaYzbBu3Qv6Oau-gOSjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-H-CaYzbBu3Qv6Oau-gOSjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:02 GMT
expires
Fri, 23 Dec 2022 19:11:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63A0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
126409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 08:04:13 GMT
expires
Fri, 22 Dec 2023 08:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 81F3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
d3a8e56a23194475a4a9e63cea4ccbb596db7d72c2e9fc4449e71ff513425aef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AThj4om0UhPQqkIJUvMZcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-AThj4om0UhPQqkIJUvMZcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:02 GMT
expires
Fri, 23 Dec 2022 19:11:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
126409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 08:04:13 GMT
expires
Fri, 22 Dec 2023 08:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A9EC 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
f69190c3a9d93bd3e7c6910f9c036ce5d4b858ef0634d427af9153715f812e81
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ho6XFET4XLC-UWW2rkoh5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ho6XFET4XLC-UWW2rkoh5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:02 GMT
expires
Fri, 23 Dec 2022 19:11:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7e37aae5408b90e5f52a212fea523de51697f3e2532d7d687dd5e409cb5419

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e3669b9a81a979-SYD
content-encoding
br
content-type
text/html
date
Fri, 23 Dec 2022 19:11:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMPlb1PECtcpP%2FacL9R1czc5QEhOyYD4o4IFC9QnnMoqO8aUXPegcKgRH77oU%2B75jTeLB4%2FnO6zIJcutQLAhPpZIuR29s0PZ5ufkVCTamWgpWhH%2FMuzH%2BHObk3TQS9ep1rXg2shhZFS7Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e366991f3eaae3-SYD
content-length
0
date
Fri, 23 Dec 2022 19:11:02 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO2Z9qhY8R8Tc9ddd0i5OuOaH8KHHUCoqwCSGkZFx2uWlWY%2Bd%2BMMeGpRi7EtqUSZCOmQGoxknYgqAqZs%2FVLffOv3vTP4g8KJavopWKC3gELSOOpPwNmvtz%2BkBr%2B2H0x0hJBWmn72qt%2FpXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame 68C3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Dec 2022 19:11:02 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Dec 2022 19:11:01 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 68C3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 68C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Dec 2022 19:11:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dcd19556-3512-4ff6-841d-a551a30cccee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 68C3 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=LAihZcEHqJiFAb0ijyQILhoI4UTUIFpRJa4p0MVGQJY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 68C3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBk1Pu7_L0OXbGY2Aumsor7vuPxTFo_bg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBk1Pu7_L0OXbGY2Aumsor7vuPxTFo_bg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBk1Pu7_L0OXbGY2Aumsor7vuPxTFo_bg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 68C3 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:01 GMT
content-length
0
/
onetag-sys.com/match/ Frame 68C3
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMb6l50GEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Fri, 23 Dec 2022 19:11:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 68C3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
95R2WZ8T8MBFH31M4B83
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 68C3 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
content-length
0
/
onetag-sys.com/match/ Frame 68C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 68C3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 68C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 68C3 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1671822658605
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:11:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1014390714682019&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 8B84 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:18:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2123180810527031&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
all
csm.as.criteo.net/ Frame 5CC3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=DbAZ2vleI6Zml46c_pWPUuscwWLd22Qao1JHmshw14eK7REFbqe4xMWbINLMhifQNYMZrDjVbFehim8iInd4JJSEB8jXaMRVNnW8raXmzADUi_fGR_WiXrgBLqAnrnBYIkppv0LGbHWvUhZSBglqC3DKDLZIiWW2G9efMqUhBtN3grOZoDgNCus9dvXd-vW5JG_mVqemrg_Mjg8b9kfNL-weKb2qWIVsSAyHv5ln-KNA48RKtaMUJ7qzpayXZvuoPF7vWA&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QwAL1oMBc9KtAA7oRy5ACSItk2F9z21YmQ&u=%7CVDQHS9q2TnIOuUtJ1cfjKko%2BMoGQjEAIrkxfckvuopk%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40a8qknMALcP--yYfpHn0d3XtK4C0pnMEPLxgcUhVBWnBdwkfCaNmEeXDUhlgWLRZodRLhJNFuD2ZQPnl-WAWwDy1vgUlDvmIABb52EiHRmt7MA8eAHksZvNIyzTWQ7SL7kr0onW_aflIAvK-WGIY7N9DuXQCcTgfcMuV6EG9Ix1eSpHCEyBCy9Pov2Yyc3XgZzH6E1kTWv27sym9JH159qPm1gsuXz5OduhA4ahHAGEzCqhV4Jqm0nGQ26zyC2THtczCHuVbHDhk9VYCxqn6du8O_zAqsb9mm7PpI3w8qMJDcjhluMZ21v5qyGkRGdiyqdf_60N2NF7lThspw8hQ_OEWoafUpAK-NRarX9X5aDG14sk9hukasPU9FfSS50z6oAhUFJ-sbgO7sP98urC6vBGx8HwYQz_Dh58Rl33zjZXyoOGRIQgx_fDBZEXZ6yC6n46wIVp5LnSwMXvKlHGZF6WuaE9THfUViWrEvK4g4xxmU800jx54q9Jg6P2aB5OcJe4cHLKg8bbaFCduliT2eYSDI7tEf3uPX8vWI1uoYyu0VThr3-sezVMjikdZC-qh9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2eQlQ_2lY4OtL62lz7sPx9C76AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQK7hVL8eHmmPuACAKgDAaoEyAJP0H3BpxecePpK3cuqbx6ReEib5TmzWS8zUN6vrDEzQps-IesTXCz6MoDBhsKA2KD28_vUPZgPYcy3syKakv1NrKEy2UBZqNw_HRh9FJOMKQoZx14A9T84JVCGgpjnqGg7j1soxdSPDNDPHK_IdCGMljp9MhhsqKi376CXppc6hCVRfcvEkrNcQV2cQIqqPHaYQbKUxxj0IE_UjjaIym956oH65naUv1VAu1s7My3sYzB8ChPTeFyV9V3td5iTTESiyb8alDIBgSTdwq-YvTRxf551b81-AgPsO2wNonlZ49SG66U4Kik2puBC30o_-8Pax7TTejTzUP9GJAnL3mIfCmqX9YYS2g1vh99iNzA25ZMugNZf8JlNbqVej6yqRI0mFvpTcXJ1ST4BKVE1-N2sIhnvR1UlXv9pL-F7sf1vDoxZH_oV0odC4AQBgAbUk42X87_1mH2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1bhQy7AllOQ5WuPKshIE3zY6-PgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 19:11:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 63A0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:18:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A9EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3319466712055294&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 18D0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:18:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F81A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvalhsS_iTpm-tMI1FCLdqA-8VIcLGnF5dq-n9xo-UODf0N4ZWQxI_pOpqpVjyTRNddyioU3BzzG9_0BYXjQRAkrf6c&sig=Cg0ArKJSzMesYjx6fOsJEAE&cid=CAASFeRoyyJ8DVafWhLYVdo5mi8MR4R4QA&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671822660386&rpt=1105&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6C02 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
76026170472fbc7288cccbe2866a01a523546553c6c0720a680be8c9a86a7a54

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:11:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Dec 2022 03:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31538
Connection
keep-alive
Content-Length
10066
Expires
Sat, 24 Dec 2022 03:56:40 GMT
sync
gum.criteo.com/ Frame 11AC 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
724608
expires
60
usync.html
eus.rubiconproject.com/ Frame 8183
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:03 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Dec 2022 19:11:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 681D
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Drkt%26refUrl%3D%26vid%3D182266260331482426274437420...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=rkt&refUrl=&vid=18226626033148242627443742000V10&ovsid=1978557980663158451
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=rkt&refUrl=&vid=18226626033148242627443742000V10&ovsid=1978557980663158451
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 23 Dec 2022 19:11:03 GMT
expires
Fri, 23 Dec 2022 19:11:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 23 Dec 2022 19:11:03 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=rkt&refUrl=&vid=18226626033148242627443742000V10&ovsid=1978557980663158451
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C97F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51052
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 23 Dec 2022 19:11:03 GMT
expires
Sat, 24 Dec 2022 09:21:55 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dapx%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=apx&refUrl=&vid=18226626033148242627443742000V10&ovsid=1466969437089447570
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=apx&refUrl=&vid=18226626033148242627443742000V10&ovsid=1466969437089447570
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

Date
Fri, 23 Dec 2022 19:11:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9e737d0c-9409-44fa-9384-9bc168991014
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=apx&refUrl=&vid=18226626033148242627443742000V10&ovsid=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3148242627443742...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=opx&refUrl=&vid=18226626033148242627443742000V10&ovsid=0ff2d911-db0a-4f7d-99e2-88143c298bdc
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=opx&refUrl=&vid=18226626033148242627443742000V10&ovsid=0ff2d911-db0a-4f7d-99e2-88143c298bdc
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:03 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

date
Fri, 23 Dec 2022 19:11:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3148242627443742000V10&type=opx&refUrl=&vid=18226626033148242627443742000V10&ovsid=0ff2d911-db0a-4f7d-99e2-88143c298bdc
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dmma%26refUrl%3D%26vid%3D182266260331482426274437...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=mma&refUrl=&vid=18226626033148242627443742000V10&ovsid=497863a5-fd41-4500-a891-91e4314bf8e0
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=mma&refUrl=&vid=18226626033148242627443742000V10&ovsid=497863a5-fd41-4500-a891-91e4314bf8e0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

Date
Fri, 23 Dec 2022 19:11:02 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=mma&refUrl=&vid=18226626033148242627443742000V10&ovsid=497863a5-fd41-4500-a891-91e4314bf8e0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Dec 2022 19:11:01 GMT
usersync
usersync.gumgum.com/ Frame 11AC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D18226626033148242627...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D18226626033148...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=409079048
  • https://sync.1rx.io/usersync/tradedesk/e7d6388c-cd9c-4f9c-9732-804cc5882e21
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
date
Fri, 23 Dec 2022 19:11:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe46199c106e74c9183ba6c78e18e4f68004
content-type
text/html
cksync
cs.media.net/ Frame 11AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE0ODI0MjYyNzQ0Mzc0MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBGzi_eHpXOpBrMtHBtFExo&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBGzi_eHpXOpBrMtHBtFExo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.25.248.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:03 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBGzi_eHpXOpBrMtHBtFExo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D18226626033148242627443...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D18226626033148242...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=dxu&refUrl=&vid=18226626033148242627443742000V10&ovsid=bk55uvAO1P8NrF5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=dxu&refUrl=&vid=18226626033148242627443742000V10&ovsid=bk55uvAO1P8NrF5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:02 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0b36527b7fe623843@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=dxu&refUrl=&vid=18226626033148242627443742000V10&ovsid=bk55uvAO1P8NrF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=151452e9-6d70-4058-8792-5838814346d4
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=151452e9-6d70-4058-8792-5838814346d4
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=151452e9-6d70-4058-8792-5838814346d4
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1684338
content-length
0
expires
Fri, 23 Dec 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=01deffd0c283413da658a3bd239f87b8&ssp=medianet&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&gdpr_pd=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:05 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&gdpr_pd=1
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dzem%26refUrl%3D%26vid%3D18226626033148242627443742...
  • https://stags.bluekai.com/site/23178?id=aAT3GSHLh7PSRytorJvK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBIFKDGR2TJBGGQN2QKNJHS5DPOJFHM...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=aAT3GSHLh7PSRytorJvK&refUrl=&type=zem&vid=18226626033148242627443742000V10&vsid=3148242627443742000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=aAT3GSHLh7PSRytorJvK&refUrl=&type=zem&vid=18226626033148242627443742000V10&vsid=3148242627443742000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=aAT3GSHLh7PSRytorJvK&refUrl=&type=zem&vid=18226626033148242627443742000V10&vsid=3148242627443742000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 11AC
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3148242627443742000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3148242627443742000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:05 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff&cs=1
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame 11AC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.25.248.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:03 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 23 Dec 2022 19:11:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e7d6388c-cd9c-4f9c-9732-804cc5882e21
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 23 Dec 2022 19:11:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjAxOTkxNzMyNzQ0ODQyNzMzNzM%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBwoa373qBOvudL6E11BhWU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBwoa373qBOvudL6E11BhWU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 23 Dec 2022 19:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBwoa373qBOvudL6E11BhWU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B5C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjAxOTkxNzMyNzQ0ODQyNzMzNzM%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjAxOTkxNzMyNzQ0ODQyNzMzNzM%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjAxOTkxNzMyNzQ0ODQyNzMzNzM%3D
date
Fri, 23 Dec 2022 19:11:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 8B5C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=60199173274484273373&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=60199173274484273373&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=60199173274484273373&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B46E5CC7FB744F6C9B8A02EDCB33E32A Ref B: SYD03EDGE1118 Ref C: 2022-12-23T19:11:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwg4v9ytJ4ktQ69xiz8A==

Redirect headers

date
Fri, 23 Dec 2022 19:11:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7630593DE11243509361B10683733E3A Ref B: SYD03EDGE1118 Ref C: 2022-12-23T19:11:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/setuid?partner=tripleliftdbredirect&tlUid=60199173274484273373&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwg4v3TBIdtUcYTUtjxg==
xuid
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=60199173274484273373&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4902551777188804151&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 23 Dec 2022 19:11:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 23 Dec 2022 19:11:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/60199173274484273373?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ChsU6V5E2oS5vaGAODgLPOH43E84N11BU4uEqp0tmA--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ChsU6V5E2oS5vaGAODgLPOH43E84N11BU4uEqp0tmA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 23 Dec 2022 19:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 23 Dec 2022 19:11:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ChsU6V5E2oS5vaGAODgLPOH43E84N11BU4uEqp0tmA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 8B5C
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=60199173274484273373
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=60199173274484273373&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=60199173274484273373&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5W98GRHGB7CFX752ZRM8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=60199173274484273373&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 8B5C 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=60199173274484273373&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
last-modified
Tue, 13 Dec 2022 19:05:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F6F9F58F08941AEA64DC1AC18D420F7 Ref B: SYD03EDGE1010 Ref C: 2022-12-23T19:11:03Z
etag
"66efadef25fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 8B5C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1466969437089447570&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1466969437089447570&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 23 Dec 2022 19:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 23 Dec 2022 19:11:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bb36e862-8c6d-4d4f-81c2-dc8303f7b2ef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1466969437089447570&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8B84 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kEcF5w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
async_usersync
ib.adnxs.com/ Frame 9A31 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:03 GMT
AN-X-Request-Uuid
c99745c1-2e0f-44a4-a85a-b460190d821e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 63A0 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yIE8WQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 18D0 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RcvBbg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6C02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3rWTgagwt-60zli1sHuNRQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aM2vBSxE2oJFjJHItPanvIJx_DNzYv3eNezBJA--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aM2vBSxE2oJFjJHItPanvIJx_DNzYv3eNezBJA--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 23 Dec 2022 19:11:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aM2vBSxE2oJFjJHItPanvIJx_DNzYv3eNezBJA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6C02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENHyuLbn2ZJCg3jyFelGP5w&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENHyuLbn2ZJCg3jyFelGP5w&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENHyuLbn2ZJCg3jyFelGP5w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 6C02
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2IAl38KuQAyXRI1A5FUuTg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2IAl38KuQAyXRI1A5FUuTg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2IAl38KuQAyXRI1A5FUuTg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GXMVHED4360CPDNPYW1P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2IAl38KuQAyXRI1A5FUuTg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6C02
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AZENas7ARKagNkJJG3TSvg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AZENas7ARKagNkJJG3TSvg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AZENas7ARKagNkJJG3TSvg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AYPBW8W8WSN32CVK1E97
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AZENas7ARKagNkJJG3TSvg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6C02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC0W1N2T-Y-994A
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC0W1N2T-Y-994A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 410F5E2F0CE24C70B8C29B93B3AB27E3 Ref B: SYD03EDGE1118 Ref C: 2022-12-23T19:11:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwg4wFiVP2QQXEgPPg4g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC0W1N2T-Y-994A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6C02
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 6C02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwVzFOMlQtWS05OTRB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwVzFOMlQtWS05OTRB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMwVzFOMlQtWS05OTRB
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6C02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1MTFhOTU1MTdlYWNiNjMwOGUyMjgxNmY2NjE5YjdlZDg3YmY2OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1MTFhOTU1MTdlYWNiNjMwOGUyMjgxNmY2NjE5YjdlZDg3YmY2OA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1MTFhOTU1MTdlYWNiNjMwOGUyMjgxNmY2NjE5YjdlZDg3YmY2OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
13926
g2.gumgum.com/usync/ Frame 2ECC 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.216.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-216-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e4eaeda131fe5d348aff603a01dd4102a403c9953177bebda06d586e885db0d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 23 Dec 2022 19:11:03 GMT
etag
W/"08fc8d05f5b6a93beaed788037dcd929e"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame E9CA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
3b695510fe97d18b473233ec9cb4f377ea41749b4d61cca7f840ab4ad2c02672
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1395
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 6F3B 		810 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
b8a6d3554038ea2506a3eb8a0fed74e3325692ebf677eabadf295e4b8833c5dd

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
810
content-type
text/html
date
Fri, 23 Dec 2022 19:11:03 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FE4B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75889361bb32ab159d74985967ad3b69037e95c8b53cd42284682a2c255fb9a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e3669c5b13a979-SYD
content-encoding
br
content-type
text/html
date
Fri, 23 Dec 2022 19:11:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiLLesfeZu1oP8fBvHxK7P3IstD62ua9FLTWVIyJBeKKXFlHoTV7juXZimgxHBXI6oG%2Bf4dz9cdj3r3CD5oGoHmjnYJ2tCTW3hqD9V51fG5m%2Bt7lDDz7Dzup0UYEwc09QXZdJugmtcWpag%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4CC9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Dec 2022 19:11:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Dec 2022 19:11:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C95 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51052
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 23 Dec 2022 19:11:03 GMT
expires
Sat, 24 Dec 2022 09:21:55 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 7394 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.221.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-221-60.blr50.r.cloudfront.net
Software
/
Resource Hash
8d35b84cf45a3f97f9965f52fb916fd68203984a3a4dfd697d60fe63bc48a637

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Fri, 23 Dec 2022 19:11:04 GMT
via
1.1 5196cd529b87c82cc7f4912d00bad03a.cloudfront.net (CloudFront)
x-amz-cf-id
nLp6lR61tvrf3ty-Y0e7HHotJn8SJXSldRe20_pHSDoINWeWWX_jxQ==
x-amz-cf-pop
BLR50-C3
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1466969437089447570
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1466969437089447570
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 23 Dec 2022 19:11:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
17bf746b-4726-4155-8350-f2f21fd3b6b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
0
0
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3A78
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1671822663509
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=248945958
  • https://sync.1rx.io/usersync/tradedesk/e7d6388c-cd9c-4f9c-9732-804cc5882e21
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
date
Fri, 23 Dec 2022 19:11:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe46199c106e74c9183ba6c78e18e4f68004
content-type
text/html
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1975180290470519937
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1975180290470519937
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1975180290470519937
Date
Fri, 23 Dec 2022 19:11:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=ae25df34-c4a0-496f-812f-38ebd6e56f79
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=ae25df34-c4a0-496f-812f-38ebd6e56f79
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-45
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=ae25df34-c4a0-496f-812f-38ebd6e56f79
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame 3A78
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29046%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1...
0
0
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
date
Fri, 23 Dec 2022 19:11:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame 3A78
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kM...
0
0
sync
ads.servenobid.com/ Frame 3A78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
0
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Dec 2022 19:11:03 GMT
dcm
s.amazon-adsystem.com/ Frame 4E63
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DMF0SFAMDNMCRM8ASAEW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K30FARXVPDQ0JD0C91JT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&expiration=1674414663&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&expiration=1674414663&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&expiration=1674414663&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6X9Rn0Afu4XBxBh04GXqQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpq5QY77XBhsVpyMTI1hik&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpq5QY77XBhsVpyMTI1hik&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFpq5QY77XBhsVpyMTI1hik&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyZFwQH4SSdUxd7FlXmcboVLAgDbnba3Rs4aFwY7gJKrWMSdrbY7Sn1kECU6lBxChPm2DG41ygOXrQ%2BmaFhhYabneAVQt5d33J0fbo6ZMx7mtbmqZcBKvdT7IzoLivbHmwAqE%2BbVaMbivA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e3669ffd89a979-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=aAT3GSHLh7PSRytorJvK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2YKBKQZUO...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=aAT3GSHLh7PSRytorJvK
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=aAT3GSHLh7PSRytorJvK
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=aAT3GSHLh7PSRytorJvK
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxlk7HS_sAACDXnwqAiw&expiration=1673032264
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxlk7HS_sAACDXnwqAiw&expiration=1673032264
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxlk7HS_sAACDXnwqAiw&expiration=1673032264
Date
Fri, 23 Dec 2022 19:11:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6X9SAAGMqokywAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6X9SAAGMqokywAo&_test=Y6X9SAAGMqokywAo
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6X9SAAGMqokywAo&_test=Y6X9SAAGMqokywAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21355-FTY
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671822664.480382,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6X9SAAGMqokywAo&_test=Y6X9SAAGMqokywAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 4E63
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7c27c712-fc9f-3033-76c25c46
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7c27c712-fc9f-3033-76c25c46
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9q2Rp4MnUz%2FkUHUn5pBfawqqInGD5PwDfpUgQwxG1CZrPVvoc7TudCEZgmKYm%2BaoruoQmW025g%2B3SBgb%2BWcX9dXkq4%2FL1ql53RmNKadCrwDfsT845GdVRTTHYptrrsFoeSCEJod"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e366a379f1ee92-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Dec 2022 19:11:03 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7c27c712-fc9f-3033-76c25c46
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4E63 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
24814
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e366a308811c50-AKL
content-length
43
expires
Sat, 24 Dec 2022 19:11:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0C95 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63875424&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7cf66eac17a30792170003ea6bd75ec2e1f41053bbd3997a18e081f1ace57ab2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5CA2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
126410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 08:04:13 GMT
expires
Fri, 22 Dec 2023 08:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FFFD 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
48cb83248a41a49185737b37c0bf29dd0e1ad95b2b902a31664ed0ea7a076d65
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b0FcoAbWDodDmF3CAimnSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-b0FcoAbWDodDmF3CAimnSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:03 GMT
expires
Fri, 23 Dec 2022 19:11:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
crum
dsum-sec.casalemedia.com/ Frame FE4B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1466969437089447570
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1466969437089447570
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a189c0a9-4028-46e6-86ef-1bbb74a98d3a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FE4B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.177.10 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-177-10.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame FE4B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8485249016830179443
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8485249016830179443
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8485249016830179443
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FE4B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.250.177.10 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-177-10.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
date
Fri, 23 Dec 2022 19:11:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame FE4B
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7a2ae2e5-fbc4-4cd8-8a60-8f366bdbb277&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7a2ae2e5-fbc4-4cd8-8a60-8f366bdbb277&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7a2ae2e5-fbc4-4cd8-8a60-8f366bdbb277&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 23 Dec 2022 19:11:04 GMT
server
_
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame FE4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuPhPxzXJBonrgDNqSziJkfN6gdcLjYqQpFONAfGl0oduxFa6YcM3hxB8GhmKlYzBqdlIfMZXdoiZukZoOmoF9ZP0vujFhh0jAGqbEAndwSfOTqlKmbq5ZCeAH5DmGhtHG1xyGcJYyH%2F%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e366a07de7a979-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBZsSPFvt2D4h-LQtT6xFYM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame FE4B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6X9Rn0Afu4XBxBh04GXqQAA%264759?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.25.196.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-196-209.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0c7928642.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
M8IISMtyS4Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v041-039bf2bc9.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
oGAhzB1KS5I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.php
gu.dyntrk.com/adx/ie/ Frame FE4B 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.106.69.73 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
12
server
proxy
content-length
0
content-type
text/plain
sync
ads.servenobid.com/ Frame FE4B 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame E9CA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlX8dTQo4Qsyhj8rX5ypPi6sek3NEtKQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlX8dTQo4Qsyhj8rX5ypPi6sek3NEtKQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlX8dTQo4Qsyhj8rX5ypPi6sek3NEtKQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame E9CA 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Dec 2022 19:11:03 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Dec 2022 19:11:02 GMT
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LC0W1N2T-Y-994A&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LC0W1N2T-Y-994A&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LC0W1N2T-Y-994A&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1466969437089447570
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1466969437089447570
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Dec 2022 19:11:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dde51a86-6d54-48d5-9373-8df7bb03f700
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E9CA 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3674039149954260899
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3674039149954260899
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3674039149954260899
date
Fri, 23 Dec 2022 19:11:02 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E9CA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7C0W8C4VYYXPE5QY2RGQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Pug
simage2.pubmatic.com/AdServer/ Frame E9CA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2d75b6c6-4cd2-4071-b3af-4e4f3f402a50&user_group=1&ssp=pubmatic&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
date
Fri, 23 Dec 2022 19:11:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame E9CA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=xGPsz5Q0uc_fZeuckTagwpNiu5vfYb7IkzNnln_t
  • https://onetag-sys.com/match/?int_id=30&uid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=0&gdpr_consent=&us_privacy=
Date
Fri, 23 Dec 2022 19:11:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame E9CA 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 87BD 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst97_wg4Q3aD_AYQTaCIZ5P6CISOP6VL7NmY2_FDSgqXQc02mvJY3bLh54h6jjuHlkfOCKgAqTywULRRieqc5VYDtYs25OGEXG0tgPucbmNjcogW6Ikz61ikP7ZfIZB6_J2CeWocEK3hybF1QChvxuy5eZLQUfBog&sai=AMfl-YT5GejAMfjpMrCRmGDi8JrSALcZc5jO14--OkDrN-W3yCfIwYRPVX4X_uh4kjlFA7hEUSMObNXvrZcQXTy3Gm3ha9oK7FCP2Uo3WDm0Sx0EHadGxLmrs30ER0LFoA&sig=Cg0ArKJSzNLvNUiCo1EeEAE&cid=CAQSOwDq26N9Er7Gn_LcUDGxgF0F6GRUnaeCCG2fbcvwfUb-V9jmJqFtQ-TUFgU_FK7yDdSYQszcVOYskiAgGAEgEw&id=ampim&o=450,60&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=2127&tls=3127&g=100&h=100&tt=3127&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4CC9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
76026170472fbc7288cccbe2866a01a523546553c6c0720a680be8c9a86a7a54

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
content-encoding
gzip
last-modified
Fri, 23 Dec 2022 03:56:28 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=31537
content-length
10066
expires
Sat, 24 Dec 2022 03:56:40 GMT
usync.js
eus.rubiconproject.com/ Frame 8183 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
76026170472fbc7288cccbe2866a01a523546553c6c0720a680be8c9a86a7a54

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:03 GMT
content-encoding
gzip
last-modified
Fri, 23 Dec 2022 03:56:28 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=31537
content-length
10066
expires
Sat, 24 Dec 2022 03:56:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FFFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4264461977351164&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 5CA2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:18:45 GMT
sync
ads.servenobid.com/ Frame 6F3B 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3154994645745196841&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6F3B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=9267177e-2359-4d50-a165-d21d174e4105&gdpr_consent=null&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=9267177e-2359-4d50-a165-d21d174e4105&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=9267177e-2359-4d50-a165-d21d174e4105&gdpr_consent=null&gdpr=0
date
Fri, 23 Dec 2022 19:11:04 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6F3B
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08862204195d2cb57cc7ebdb&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08862204195d2cb57cc7ebdb&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08862204195d2cb57cc7ebdb&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 19:11:04 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6F3B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=PLOBkCGJjS3y&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=PLOBkCGJjS3y&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=PLOBkCGJjS3y&ev=1&pid=560288&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7675cfbcb7-rggq9
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 6F3B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=08875dea-95db-4aa3-a9ab-8bfe2fe05575&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=08875dea-95db-4aa3-a9ab-8bfe2fe05575&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=08875dea-95db-4aa3-a9ab-8bfe2fe05575&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E228 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstQL7womVWmGWcyyX8OhRfgGIspGz2PKHEJgg7n6OGDyJbSqbhtpbWUK17iWNVdBYoLXf3DcK6BoNq7y3ZrvGI4IEb3Bz-3XjcWEAKpGRovIUUBSxGtfOYBRTsPBmtrSD7bs8&sai=AMfl-YRJHBsMBlCjtfBzX26S9e7bTwSaYgcWNkM2qVuMvq1l2amJ_l3-vJL60T75aDtIVcEWO0wqyO-V6n58LAl64vpmqSSoXR83XKm7hl7eCbeqFL9hsEFqt9KMVq5lxw&sig=Cg0ArKJSzNodoh1bXtnKEAE&cid=CAQSOwDq26N9Er7Gn_LcUDGxgF0F6GRUnaeCCG2fbcvwfUb-V9jmJqFtQ-TUFgU_FK7yDdSYQszcVOYskiAgGAEgEw&id=ampim&o=640,1110&d=320,50&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=2389&tls=3389&g=100&h=100&tt=3390&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 4CC9
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LC0W1N2T-Y-994A
  • https://ads.servenobid.com/sync?pid=323&uid=LC0W1N2T-Y-994A
0
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LC0W1N2T-Y-994A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LC0W1N2T-Y-994A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
cksync.php
contextual.media.net/ Frame 8183
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LC0W1N2T-Y-994A
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LC0W1N2T-Y-994A
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LC0W1N2T-Y-994A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 19:11:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Dec 2022 19:11:04 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LC0W1N2T-Y-994A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1466969437089447570
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1466969437089447570
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c877c060-d843-4187-8033-d06441c114fa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524912331894634775&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3&ssp=gumgum2&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524912331894634775&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209760804374005613698&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524912331894634775&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
Date
Fri, 23 Dec 2022 19:11:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2a62e559-3083-4bd9-54c9-6504b6247337$ip$116.90.74.197
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2a62e559-3083-4bd9-54c9-6504b6247337$ip$116.90.74.197
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2a62e559-3083-4bd9-54c9-6504b6247337$ip$116.90.74.197
Date
Fri, 23 Dec 2022 19:11:05 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=aAT3GSHLh7PSRytorJvK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKBKQZUOU2IJRUDOUCTKJ4XI33SJJ3EW...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAT3GSHLh7PSRytorJvK&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAT3GSHLh7PSRytorJvK&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAT3GSHLh7PSRytorJvK&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5346833462
  • https://sync.1rx.io/usersync/tradedesk/e7d6388c-cd9c-4f9c-9732-804cc5882e21
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
date
Fri, 23 Dec 2022 19:11:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe46199c106e74c9183ba6c78e18e4f68004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=XAv1EWZXnW7f&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=XAv1EWZXnW7f&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=XAv1EWZXnW7f&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7675cfbcb7-7257j
expires
-1
cookie-sync
sync.outbrain.com/ Frame 2ECC
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&obuid=ENC(hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bus...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26u...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=b646f6bb-86ce-4c5d-8d09-9c552fe616cf-63a5fd4a-4e5a&obUid=hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD&gdpr=$GDPR_APPLIES&gdpr_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=b646f6bb-86ce-4c5d-8d09-9c552fe616cf-63a5fd4a-4e5a&obUid=hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:11:07 GMT
Cache-Control
no-cache
X-TraceId
e303a7a7604800e1326ad8c7c3bf34cf
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:06 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=b646f6bb-86ce-4c5d-8d09-9c552fe616cf-63a5fd4a-4e5a&obUid=hZPdsYBlFlxKD1yAWXO-PmKk6ropvVPix34aNzEzrq54PlJVoWOMnYQQSlPviAMD&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=30e314fe-581f-4dcb-9dd6-e69746961846
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=30e314fe-581f-4dcb-9dd6-e69746961846
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 23 Dec 2022 19:11:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=30e314fe-581f-4dcb-9dd6-e69746961846
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Sq4t5jJE2pfEwHz8sptCGRT9KGD4ptYTMX8N~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Sq4t5jJE2pfEwHz8sptCGRT9KGD4ptYTMX8N~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 23 Dec 2022 19:11:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Sq4t5jJE2pfEwHz8sptCGRT9KGD4ptYTMX8N~A
content-length
0
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=d701e5f6-6718-45b4-85cf-c24bb18992fd
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=d701e5f6-6718-45b4-85cf-c24bb18992fd
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=d701e5f6-6718-45b4-85cf-c24bb18992fd
Date
Fri, 23 Dec 2022 19:11:06 GMT
Connection
keep-alive
X-CI-RTID
7aa9110c-d729-4789-ab2f-13374d7618c6
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 2ECC 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:05 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
479523470
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 2ECC 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.3.3.8 , United States, ASN399183 (DEEPINTENT, US),
Reverse DNS
Software
b4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:05 GMT
content-length
0
server
b4
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=7376c891-576b-49c1-ba46-77a25cd71e32
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=7376c891-576b-49c1-ba46-77a25cd71e32
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=7376c891-576b-49c1-ba46-77a25cd71e32
access-control-allow-origin
*
date
Fri, 23 Dec 2022 19:11:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 2ECC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3154994645745196841
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3154994645745196841
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3154994645745196841
date
Fri, 23 Dec 2022 19:11:04 GMT
content-length
0
sync
ads.servenobid.com/ Frame 2ECC 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 1F6F
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-085aL0wq_EV-syd-k1N1auOz2IvbFjp6rUb_HzGIrg
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-085aL0wq_EV-syd-k1N1auOz2IvbFjp6rUb_HzGIrg
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:06 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Fri, 23 Dec 2022 19:11:06 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-085aL0wq_EV-syd-k1N1auOz2IvbFjp6rUb_HzGIrg
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E687 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51051
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 23 Dec 2022 19:11:04 GMT
expires
Sat, 24 Dec 2022 09:21:55 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 375E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e7d6388c-cd9c-4f9c-9732-804cc5882e21
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=e7d6388c-cd9c-4f9c-9732-804cc5882e21
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 23 Dec 2022 19:11:03 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=e7d6388c-cd9c-4f9c-9732-804cc5882e21
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame B990
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:04 GMT
Expires
Fri, 23 Dec 2022 19:11:03 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master nrt-pixel-x16 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame E06B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y6X9SAAGM04kzQAo
85 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y6X9SAAGM04kzQAo
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1514
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 23 Dec 2022 19:11:04 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
32424
x-served-by
cache-fty21355-FTY
x-timer
S1671822664.480417,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 23 Dec 2022 19:11:04 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y6X9SAAGM04kzQAo
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fty21355-FTY
x-timer
S1671822664.139632,VS0,VE17
pixel
cm.g.doubleclick.net/ Frame 618D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hNGJmYzU5Ni1jYmM5LTQ0ZDQtYTAwMS0yY2MxYWExODVhZTc=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame AFA0 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.56.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-56-33.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 23 Dec 2022 19:11:04 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame C958
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y6X9SMCo5sAAAJ4DCekAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y6X9SMCo5sAAAJ4DCekAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Dec 2022 19:11:04 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y6X9SMCo5sAAAJ4DCekAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40190.dc2p.scaleout.jp
X-SO-IP
116.90.74.197
X-SO-Key
Y6X9SMCo5sAAAJ4DCekAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.197","key":"Y6X9SMCo5sAAAJ4DCekAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40190"}
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40190
gumgum
cs.admanmedia.com/sync/ Frame E2DE 		0
0
usersync
usersync.gumgum.com/ Frame B67B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e366a1eec5a979-SYD
content-length
0
date
Fri, 23 Dec 2022 19:11:04 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjyQmfKXn1OeSKFLNNATzJFIyDxx3zrwC1BRIzUzKV6HXoeP1xjdc2Ra%2F4HbzqWqo%2F%2Bex5KCS7g1jADpP277GJErCdwwUWsLFBNvDIe0OOqkn%2BWk4UtIT8nEv1GcOd5TOdOrLxpUEbXghw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7582
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=8GuG0PZ8zNiyHWmR7h00&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=8GuG0PZ8zNiyHWmR7h00&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 23 Dec 2022 19:11:05 GMT Fri, 23 Dec 2022 19:11:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=8GuG0PZ8zNiyHWmR7h00&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 08C3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:04 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Dec 2022 19:11:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
async_usersync
ib.adnxs.com/ Frame 9A31 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:04 GMT
AN-X-Request-Uuid
002b7d1b-4dc0-4a97-ae78-485ece1f9f13
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5CA2 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1KEo1g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8A0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 23 Dec 2022 19:11:06 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:05 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame C481
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6X9SAAGL5onIwAo&gdpr=0&gdpr_consent=&_test=Y6X9SAAGL5onIwAo
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 23 Dec 2022 19:11:06 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:05 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame D598
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yarx6wlg0ae
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 23 Dec 2022 19:11:06 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:05 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame 7198
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1466969437089447570&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 23 Dec 2022 19:11:06 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:05 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 3906 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.191.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-191-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 23 Dec 2022 19:11:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rNXNJq5fTYagj33cMrhdLg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.44.0.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=51051
accept-ranges
bytes
content-length
5554
expires
Sat, 24 Dec 2022 09:21:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0C95
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e7d6388c-cd9c-4f9c-9732-804cc5882e21&ttd_puid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
qmap
sync.crwdcntrl.net/ Frame 0C95
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.1.116.111 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-116-111.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.27.239
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.10.53
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 0C95
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:10:57 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 0C95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUNENUNEMjYtQUU1Ri00RDg2LUEwOEYtN0REQzMyQjg1RDJF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
date
Fri, 23 Dec 2022 19:11:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 0C95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFcue8fm2HlfBw_h5XNd6xg&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
date
Fri, 23 Dec 2022 19:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 0C95
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
date
Fri, 23 Dec 2022 19:11:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0C95 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.177.10 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-177-10.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cs
cs.minutemedia-prebid.com/ Frame 0C95
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4902551777188804151
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
date
Fri, 23 Dec 2022 19:11:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 0C95
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KXcx5xVE2uXV67AaAggocJJqVxh6.jI-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KXcx5xVE2uXV67AaAggocJJqVxh6.jI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KXcx5xVE2uXV67AaAggocJJqVxh6.jI-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 19:11:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=7376c891-576b-49c1-ba46-77a25cd71e32
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=7376c891-576b-49c1-ba46-77a25cd71e32
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=7376c891-576b-49c1-ba46-77a25cd71e32
access-control-allow-origin
*
date
Fri, 23 Dec 2022 19:11:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pug
simage2.pubmatic.com/AdServer/ Frame 7394
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2dffdbac-baa2-4c1e-a81c-e709eee665da&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
minute_media
cs.admanmedia.com/sync/ Frame 7394 		0
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=F3ZfCLZH7pfFOzTDQjOuGxL1
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=F3ZfCLZH7pfFOzTDQjOuGxL1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=F3ZfCLZH7pfFOzTDQjOuGxL1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=2VyLuRDujHeg&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=2VyLuRDujHeg&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=2VyLuRDujHeg&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7675cfbcb7-76j9m
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=5e87528a-0f98-4ac9-8235-ef8dcec593e5
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=5e87528a-0f98-4ac9-8235-ef8dcec593e5
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

date
Fri, 23 Dec 2022 19:11:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=5e87528a-0f98-4ac9-8235-ef8dcec593e5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 19:11:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=175b6d2f-eee4-5465-8828-3738eb8dca71
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=175b6d2f-eee4-5465-8828-3738eb8dca71
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=175b6d2f-eee4-5465-8828-3738eb8dca71
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004&rndcb=8969712032
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&google_hm=M2QwZDRkODMtNzFmNy00YjNlLWE4NGUtMTQzMzUyNGIx...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBL1XDO5PJ4C1AsVytYzQU0&google_cver=1&ssp=adconductor&bsw_param=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
  • https://sync.1rx.io/usersync/bidswitch/3d0d4d83-71f7-4b3e-a84e-1433524b13d9?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-e46199c1-06e7-4c91-83ba-6c78e18e4...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
date
Fri, 23 Dec 2022 19:11:07 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe46199c106e74c9183ba6c78e18e4f68004
content-type
text/html
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=aed2cc87-03cb-4d85-88dd-60622c503e94
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=aed2cc87-03cb-4d85-88dd-60622c503e94
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:06 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=aed2cc87-03cb-4d85-88dd-60622c503e94
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7bdff88a46edbfb7644&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7bdff88a46edbfb7644&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7bdff88a46edbfb7644&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3d0d4d83-71f7-4b3e-a84e-1433524b13d9&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524912331894634775&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=73d27b72-b5d1-4aec-a3f0-16eade86f0f3&ssp=minutemedia&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524912331894634775&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209760804374005613749&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524912331894634775&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
0
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame 7394 		0
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212062442102972
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212062442102972
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:06 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212062442102972
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cookie
cm.adform.net/ Frame 7394
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dtriplelift%26...
  • https://prebid.a-mo.net/cchain/0/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=triplelift&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1a...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dappnexus%26cbx%3DaHR...
  • https://prebid.a-mo.net/cchain/1/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045...
  • https://prebid.a-mo.net/cchain/2/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a...
0
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21503&id=1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff
Date
Fri, 23 Dec 2022 19:11:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moeOC3OUW9VYj7etRXFMq1bv7MgkA%2BXMisAx28b3CC0vgjNI4I8hCeU%2FWnUEoj4Fb5limRL2sRdAD98%2FMe6AagVKvLbq%2FVWzhs%2BSeg02YG3GA6x9FGSCXteeC4sd9WwMPX7%2FYTMz7S4v6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y6X9Rn0Afu4XBxBh04GXqQAA%264759
cache-control
no-cache
cf-ray
77e366b44b42a979-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=60199173274484273373
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=60199173274484273373
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=60199173274484273373
date
Fri, 23 Dec 2022 19:11:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cookie
cm.adform.net/ Frame 7394
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQQ____________ASpZa...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F25535%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a...
0
0
us
sync.go.sonobi.com/ Frame 7394 		0
0
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=1466969437089447570
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=1466969437089447570
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Fri, 23 Dec 2022 19:11:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
406d25d1-ce9c-4c7b-a82b-8efbbe7a1b57
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 7394
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=3154994645745196841&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=3154994645745196841&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 23 Dec 2022 19:11:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=3154994645745196841&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 19:11:06 GMT
content-length
0
v1
match.sharethrough.com/universal/ Frame 7394 		0
0
sync
ads.servenobid.com/ Frame 7394 		0
0
/
onetag-sys.com/usync/ Frame D6B8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
1ba1f130b2311510bb4fd92b3b0989dda33c1687632cbc34ac5d8fbe33a0e922
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1405
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 29BE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:04 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Dec 2022 19:11:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 08C3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
76026170472fbc7288cccbe2866a01a523546553c6c0720a680be8c9a86a7a54

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
content-encoding
gzip
last-modified
Fri, 23 Dec 2022 03:56:28 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=31536
content-length
10066
expires
Sat, 24 Dec 2022 03:56:40 GMT
usersync
usersync.gumgum.com/ Frame 08C3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LC0W1N2T-Y-994A
  • https://usersync.gumgum.com/usersync?b=mag&i=LC0W1N2T-Y-994A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LC0W1N2T-Y-994A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LC0W1N2T-Y-994A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame D6B8 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D6B8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlZZT_GTkA8sWZK7ugmA1huW3T2zA37A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlZZT_GTkA8sWZK7ugmA1huW3T2zA37A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhUBlZZT_GTkA8sWZK7ugmA1huW3T2zA37A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame D6B8 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame D6B8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EF2B9BwoSqcm308TdJogu1RB9wlyds43lQR7y0L29aY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EF2B9BwoSqcm308TdJogu1RB9wlyds43lQR7y0L29aY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 19:11:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4Q9DZ12H044HSBBWRDB8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EF2B9BwoSqcm308TdJogu1RB9wlyds43lQR7y0L29aY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame D6B8 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame D6B8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=497863a5-fd41-4500-a891-91e4314bf8e0&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Dec 2022 19:11:03 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D6B8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame D6B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Dec 2022 19:11:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7d51df35-2ff2-4c2b-af61-eeaff6afc98c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync-global.smartadserver.com/api/ Frame D6B8 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D6B8 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:22 GMT
content-length
0
/
onetag-sys.com/match/ Frame D6B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECgBigy1_XtgWEyKlPc-OCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame D6B8 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame D6B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=e7d6388c-cd9c-4f9c-9732-804cc5882e21&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
cs
cs.minutemedia-prebid.com/ Frame D6B8 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
usync.js
eus.rubiconproject.com/ Frame 29BE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
76026170472fbc7288cccbe2866a01a523546553c6c0720a680be8c9a86a7a54

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:04 GMT
content-encoding
gzip
last-modified
Fri, 23 Dec 2022 03:56:28 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=31536
content-length
10066
expires
Sat, 24 Dec 2022 03:56:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C955 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1014390714682019&bg=!3N-l35vNAAYgquz3AKo7ACkAdvg8Wu6wLDl09NlHG2XqKU8fhOdDVyJnNpO0LUG3CRniHrPD7X_pwQIAAADAUgAAAANoAQeZArhtZvp5hejZH_ndCumF5V9vidxsnPGlVYSnh58QokwL8p6llzRQ3ziqtAJC5R6Xjsnn4VH2plYMmSu27g1aRq7iAJIBzfqeRCYxCpkMflSYzb523LOfXuhHbtlNV3S_UTxL_aj_N39dH4RwGUUJyw6D7mjd8FaiGMCsD-dAU8k06ZxPzp7pmjHoGxX8RxTM7sZb4nopgBiUAujcjHjOwYQ6T0TmQqK8I_YKAPdNIApCHIk0IXg4X45Px0zSMas8Zl2V_H5MqfzCoiLIwUtFo9uGA0D179q9ogXUHpwtuRCKtpLeMO84gaNqUR6fNkgOdME8UZF74oYC0LoAVzRULIZx333kdk7IOjVbJdrrpaOUGq0KiNzB-T5eSoL0HS101ypzuIoN1m_kCgbH40_6gONiFBEhKDJvcKGYN3aal1MKMyLif-IquC_hQDhJoh8HycVTDGFxJgYmcOo1HCwrGl_q9DF16cPJxB0pxCpsL0jAEfzEH42MkCOvE1xYxuE4aofpOhViecQBbSLEA5WbfCiA22oX4SqETrsMJ3Jckaz2ZzTEuK6dJRbHBPd1H-n5IQX4tpR-jdDjMs_YksvrYA-gdgQ_MHIE5pvQdw4Jj6BP81kCh7y8tXct_QL1uBslUn_2qVxMAI12w6yczWHy9-4VsqNTShVrtTLkXNC5zT7iFeY1D1yuUXC5E3-ZoUGHxmRG7maZ3BnuVBnFJffCX3lnz4wG5x5sVt20pnU5hzUDbiHAHOiAj6chINc0YIR0axUChW0k1Kmxbm_AMsuRKS87x-Z7nXytAOBfdhPiJcsd4b3cFBicnr9dO4uDJS0VQ-XdG8rzi-vI-oHOSXqZ3Rjr_8oVqr7GZiEVxJth28BaIhL1ktx6j2SpdF4xIvIyn2UMNZ2g-f2XH3tVV8yoPKMJ6VrFO6EzGAw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 49A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2123180810527031&bg=!9vWl9bHNAAYgquz3AKo7ACkAdvg8Wgr4EdUz7vYs-KZLFijYxXCJ-OqebXwRXCwXbguUgnXn1K-v1gIAAADRUgAAAANoAQcKAFEY80s9sctFFMMxP3bD-oV3gaEXg2fyw6rpSLtxqWSiM0u0sLeoryanj51rFaRbXimkCo8sXL4WIrZmW9q5WRMw2Ol0r7d-47X3aS6T01Puhy6ZAukZEKsjUaIn33slgy_yrMUyBPf8kl1OeG9ArrVIOiqVrpOqUvm-7_odaH1wJZ7JoPAokXC4gVU3rw7MELoe-yYPZ45bEkbPvhtQRA2EO2HfC95VjQiCB33DfjxicgiN4HR5XuQLRowS-DFDDCPzDS1jfHrm8Vul9oa76hLa-pN0Qv1B0PzGiw6dE3qQiU0BM2T8j7016lZ5FVcPg3rOvdZ2YGNBJ8Jbp9lIuqz9w6BgHCNEl0PfmEypH9-mVN-1G0JyIwvFHxAzxktt4hTbru5rierr-dzqcpNPD6Q67dnVpMc44-DijS4eVXV0_PHdEcXyNXLeS1Btq0lKfvaYJFvQ7Ez71DN0J0f3l7YpVX2aOlalkKwLu9JW2uVcc549H40chN6MHOpShvNTzO1JTkAwfU5rZFihyyLT-NVq_U11FtmHVZkuOUV0uuRK9C-HKrHlO5JUZKs-AGTXmNcC8ATYy-EdiBhqGAFsZIpZcN0lZ8xiklAb6ZPAn_nNTICWtqXdlsu7XPmqaiqBRCTJW6lAIhmd0TSHcOuoCGHIOWPihJxLk1nUNmrqGozVON37atfMwEaXUV_YcI3Xq2ZaxfvPZbA7OzMRFlVADwSGXOwAvIJrw1ut7FG0fswsN_PJ7ui_EovNE8k090o23VuWVB2F_Gx_l7ro3ztuBemGXg7oCw9EasQnomzGoDXWbrNS3RiEQSUEb8je8RjV5DQC63KswPRjR31LAsUVuOgbpqoUrg2D-m_lrr8oUMMSQj-NU8-5LpSVE5M9FFOXucql7LwFNd2P3eKjiRQ3-IeGu0Ze5G0tVTc7qcX0Uptpd25fm8LmnhO1dmQ162TkcdxEZ14SEIdCRZtr7iHbkGqidURbB3OStw-tTDLa5STYc4dXKNcAMhMQBD9cJ1Lb_JR6QxvD83Lir9VLR6aMaZDepWRzkzlPCt4Z_81qxcgYkI567K9_95_B19h2Gzs4NVlFZLNaV5Rv-5K-IdCB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3319466712055294&bg=!2Nul25_NAAYgquz3AKo7ACkAdvg8WgShfql5HeKMkDvP7kiadsoW7gkcyoR7Ltx0MVPAA2L6eKjX-AIAAADAUgAAAAJoAQeZAtsc3MILp3MswIArhdTYSUFUrtlcmtHBz_DvJRf6urY9BFi2nbcTvMblVs2fZh-8EIN8gm0oP1nw238O1VqOccQ5Sv3eK8N7iOMa3umVD5h2loiwxXH2T8vtp7t0gAlUI-xZA0Pwg1Y3u0dVKhaEA2Rk_sNAo3tXB10G1ARBCfU3CVo9VG5Q-t2j8X7UbTzGpq6ag4JGuorge3hHqfQsZMCuNJZJ84pPDqWwtgAnxbYIaZhRttdIrH8it3ciTPakh64B0ErHmjWnAcSQCq73yowYUK9AXs0c5BYbooDi6WKVA0_ZJCgiQN60yzi6yDvunvgLNssCAx0BUH0xehR6-TPJA4cBjZrROtUBcqOWyGDLhdohgZ-8IdbwRdmqyYCFfVohEeQWPpiXRGsRVSHAq1fsKyNu_fgpZMiG9snsNTrqxbKl2PmWdCodIpaRvR9D0voA49LmH77nm3Bh5PtTFV0kQJULVaXZB_hLhCo6vgKn9O46fdKrPKgLg7fTcpMJXBL4fRR1VpI5pUwUGNaB_3wFnXfj_a-GWkMyfzuKTEe_TQsQZr9ZLokHQDweRuA9bDcINRZ2MKn0HOkbmub7oqr5oH4l0QZpF9t37wISLgThvsfJyXs8hF0W40Q2FIrUjQ9ItdEtwjRp-y2rgn7IpKdwTbpTva8QAqCg-QKBeuZYe91OZankWUa0uATXdF0NkM1a9SJnt0Q7uimFMbcysCpFpLyle_4DoW3SEdrtXrYi-CyYQEmVBSe62MfJAQU7aC8TWnhxSc_9skJAxcTJplF7v8XxyGBfJ0Z5yPbKt_o3PQwcXl4dfH4-HGQE9zkkq98xMs43CWbpGXTL9ptDaplDFil0rUjw5MJtq10Uk7DumOplpohMFTcCtT8cZFSJYqpqhzz-_Gq_MF3tr-QHBvVqOQpn_LGQP3AJ2eYw-aEEbuGewq5frcJ2s-HDg61qC9pSKeJrAcoye8uoUA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cs
cs.minutemedia-prebid.com/ Frame 29BE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LC0W1N2T-Y-994A
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LC0W1N2T-Y-994A
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LC0W1N2T-Y-994A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.234.66.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-66-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://eus.rubiconproject.com/
date
Fri, 23 Dec 2022 19:11:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LC0W1N2T-Y-994A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
f910b93bf13b49e59bb06286e9cf623a_cpn_120x600_1.jpg
static.criteo.net/design/dt/85833/221214/ Frame 5CC3 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221214/f910b93bf13b49e59bb06286e9cf623a_cpn_120x600_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
84431b09673903e5a29eb60e990cba3993be8d86653aa00f29b452c0a9ae36ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 14 Dec 2022 10:25:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6399a487-b9f3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
47603
expires
Mon, 18 Dec 2023 19:11:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8BA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4264461977351164&bg=!BwSlBEDNAAYgquz3AKo7ACkAdvg8WspOG04e-S5d4qpVzq2iKwUpSTKJNZdlSIdPpoC7nnqo3YXz3AIAAABmUgAAAARoAQeZAsw0k5lbWtcXV3xIyttHKoA00J3oUuTBUmD827Xh5cpl8gNRX67jIMkcs4qQcCll2WvDqVX9akBKZ5Ca_9kg_vcAAW2ocHW4wJib3vtOuRL7_XanWzmeQR88Dnf3y6OQHBGrSVtIcWeDFjVuMkjCX75Ytkf-0sVhE2Kw-xvsotMAa7erK2mqAqcAE8AXsJX9jn0eIU5N3MkrC7sq4w0WmoxvW6kTphL7Hwu5IObwjGBWz8db1KIgDNQt5coEuTjBGsYY4mELdcwpXDUzREbg2WLamz-XwI_KAi1XJUpQk5FRcY9hlVA1MyrZSx_WN9kxRfixIkLbOx1p1EwudL6mXv8ADS9bIUCm-QI72ACASz2Tk2keS7fDscQzHEhqvmxavIcO-lSzhguCWPBGyRpyJ6W1QCIDunNfxZKRVhdh7yQhSZL1qj1Zq-uq_hFJHgzJvPcQr9A1SIZc9U5pNLFgaC-AEF3OlAk8PcSY1cdbTBQeaaigoqdmucSo4KrDwHvTBPwJiaTDmI0HsRGNyKBZPGbKh1WpGEyzQDvJmcS5orGLhQm7UhRYThzXfoUWw-_e96EtOdM_QeFJbqyek2_r2kU88kvUC9-TPMyap5nwK27ZDSZkq6xENiJGpY9ubGFjMwlFTR3OTNN29twGva9BWxjDsANNFjsBsB5sIaddIPh2xJcQJgPHTZfaEP_6dXTqLTX_HxnaLf9c7vnvLK-WsfgzMZIBME1fXyXbZPN_ICdoPBFsSv7BKg71rZxg_Kb53UxvGW8GJDiwcXCrcoLDXJtBLIqHmAQZt_lsaUGYZ3iirWdyJ2XrpszLwsWo73HOmzCSL6inNb-TJLOJhQNZy6bKF6oWRwqY8yTbKSUmd1MT1EmRd8Hvur2isP6hKwEhOo5NvXhirbOteRYbG3YxtMyfD1ng_LPbvAz-O_Dgg5le_m1MDHWUGuXXynd32A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 0C95 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=1419883430&cid=1356302602.1671822654&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671822661&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&dt=%E8%BE%B2%E5%A7%94%E6%9C%83%E6%92%B2%E6%BB%85%E7%BE%8A%E7%97%98%EF%BC%81%E6%98%8E%E5%B9%B4%E5%85%83%E6%97%A6%E8%B5%B7%E5%85%A8%E5%9C%8B%E5%81%9C%E6%89%93%E7%96%AB%E8%8B%97%E3%80%8C10%E6%9C%88%E8%81%B2%E6%98%8E%E9%9D%9E%E7%96%AB%E5%9C%8B%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 19:11:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C97F 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16246010&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f5602630189c2f10568735af7608db931b179377c0ace7ed7e2e333a28c9d061

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 19:11:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame E11C 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame B864
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw
42 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5A33
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
Fri, 23 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1078348
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame A1CA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KmLlWTCDS9lUyWUEtiRzN3RaSsU
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KmLlWTCDS9lUyWUEtiRzN3RaSsU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Dec 2022 19:11:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KmLlWTCDS9lUyWUEtiRzN3RaSsU
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame FFC3 		0
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
Date
Fri, 23 Dec 2022 19:11:07 GMT
Pragma
no-cache
Server
nginx
expires
-1
30548
prebid.a-mo.net/cchain/2/ Frame 9647
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Bqu8dth2AP2XvpsCS_2lYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045...
  • https://prebid.a-mo.net/cchain/2/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1CEF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bk55uvAO1P8NrF5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bk55uvAO1P8NrF5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Dec 2022 19:11:06 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bk55uvAO1P8NrF5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-08b2c31c800dc1f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
cm
ipac.ctnsnet.com/int/ Frame F8BD 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 090A
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f512bd2366fb4bfbb8909b18acbafc3a
42 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f512bd2366fb4bfbb8909b18acbafc3a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f512bd2366fb4bfbb8909b18acbafc3a
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame AC83 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.187.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Fri, 23 Dec 2022 19:11:07 GMT
RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
sync.targeting.unrulymedia.com/csync/ Frame 6C6C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004&rndcb=6577379227
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2dffdbac-baa2-4c1e-a81c-e709eee665da&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/3d0d4d83-71f7-4b3e-a84e-1433524b13d9?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 3175 		0
0
bridge
cm.adgrx.com/ Frame DDD3 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Fri, 23 Dec 2022 19:11:07 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
141
match.deepintent.com/usersync/ Frame EBC7 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.3.3.8 , United States, ASN399183 (DEEPINTENT, US),
Reverse DNS
Software
b4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Fri, 23 Dec 2022 19:11:05 GMT
server
b4
Pug
simage2.pubmatic.com/AdServer/ Frame 640F
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 23 Dec 2022 19:11:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 9706
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77e366b61ec61c4d-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77e366b46dae1c4d-AKL
content-type
text/html
date
Fri, 23 Dec 2022 19:11:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1322
cookiesync
core.iprom.net/ Frame 1A1B 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7A8C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
Thu, 22 Dec 2022 19:11:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
cksync.php
contextual.media.net/ Frame 527F 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3148242627443742000V10&type=pba&refUrl=&vid=18226626033148242627443742000V10&ovsid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3148242627443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D18226626033148242627443742000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 23 Dec 2022 19:11:06 GMT
expires
Fri, 23 Dec 2022 19:11:06 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
SPug
image4.pubmatic.com/AdServer/ Frame C97F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=497863a5-fd41-4500-a891-91e4314bf8e0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=497863a5-fd41-4500-a891-91e4314bf8e0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:11:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 23 Dec 2022 19:11:06 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=497863a5-fd41-4500-a891-91e4314bf8e0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Dec 2022 19:11:05 GMT
ddp
pippio.com/api/sync/ Frame C97F
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f10b2582248b45e03c31a98b56485cf9034de10b9cf7ecd9d4c1162c859b7e12791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmMTBiMjU4MjI0OGI0NWUwM2MzMWE5OGI1NjQ4NWNmOTAzNGRlMTBiOWNmN2VjZDlkNGMxMTYyYzg1OWI3ZTEyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmMTBiMjU4MjI0OGI0NWUwM2MzMWE5OGI1NjQ4NWNmOTAzNGRlMTBiOWNmN2VjZDlkNGMxMTYyYzg1OWI3ZTEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIy_qXnQYSBAgCEABCAEoA&goog...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C97F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8485249016830179443&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 23 Dec 2022 19:11:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame C97F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d79b112e7432049&is_secure=true&networkId=17100&version=1&nuid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALeFeXbSAzjgMEgYwfAAAAAAA&expiration=1671909067&nuid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:10:25 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Dec 2022 19:11:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame C97F
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1466969437089447570
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1466969437089447570
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/nong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 23 Dec 2022 19:11:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 23 Dec 2022 19:11:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d76cc9d2-8972-464a-8b87-547daf3b59fe
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1466969437089447570
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
all
csm.as.criteo.net/ Frame 8E85 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=bbqUvPleI6Zml46cpXPi4CHLFQhrek1nok1THKqwkOEIdg7c8Fj03xiVWUmcU0MhRXhGUyL5241bcp2wvUFVeoSrjbHeCA1zhioNJVPrHcgy7pGsVl49zU_W-1EeVBsfXN053smbNIK_BPsHg_wiAl4uYWOQ7AmBina7t5Z0PbykvWmfyFhsEtxYC-z6EASnakwKOmmDAKdPC0q6AkQOywSb_7YAT6afY2LmW1t2LDrWa09YaaKdBl_LaGA_kZiOR-hhuQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y6X9QAAEfXkKaPEBAAIjPLT8aWNIipZqv8ZxBQ&u=%7C39Qw9ycrhY72CN0ZafswF6iAqV0lXppGNq%2FlWI1M3aY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uU76DPF4kH0nK3o2y5ap8dAZ6Hn8vIhOf_cKtRzysAKQJMqq_5VxMFZ-lM9KaQXbhJORHmN9SLuN_GA7RieC3WgOhTiUyCcGcez_O4RD74vbeiEU0ex6v9bCJQEBZffc9Vkwl8tLpCbuSs0k4_KBfKCeeZ-OL0-_KWCQScDQgrdlCHCS9RpbJAEakL2BgO4dTFLMFpyf9WJmQwjjefAP_358OjDH1kjvkGhwq9tZEnkogKCS8uYKnp1FQNoINrbx0Q6jGVFtbNMqK_wkc0RCZt2NNCeaMCliizBbbf7xySCAWyo5Bv4uP40p8wJA8C6KxNLKo4zKcH9zmytuUztUtLXBRrq_SKV_5zrsbqKEf8n2djSi0hQymCrToApzLQYOFTQL5wo-tF7IqdetXAic76RNxoPqRaKxvExFOeKfOjGtfGrQzaSynTRi1SkwwqDjCW1VP7tsqgMRstle6uCDUwfwtayw4zb2ZlBYKeMb5AE8g7MNpo_NCbtmw5q9gThql9LeDUX5tmTW0QTgBNOG4mYHZ-TyEzD0hIq37nkdohQVRsyLwHCiKp4wRgpY6bJY0YwMltlafq6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu-MCQP2lY_n6EYHiowO8xojYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAsbX12DQdaY-qAMBqgSmAk_Qo-iJugoUM0odx2W_rFKxHbcAyde_Q7cS2qknyTXKJCVGcJSvBhyBKFWuydeAv44TL8gOeqwuPmdtAKYbEndvCMyc8v_PTHWRwOj3Yxdr-LMpU2ufGCht5So_1eoYiuVRiwTM5fS202ju6Rm9xc6xKjxWnk58xQdAwbuy1qfQU8XyZPpXcoOtNFPupckpUQEAs5Lrq_mZ2gp-MNLvddu_1blS30Awk-fKQH5uEGvHAnvF1XJLVdjSF6a_EYqg2JdO08nniQSoZHT-WYz5cj9jnPsUYlUHnSK19q5tmNhjyei-aDRxtPOFOYMtKxFONRorgO6GxefAXGrnnbJRqqr2ISVSdvenUn5OQd9bvOU0seQSDLyXmloS1o3RuZ22QemVHplZ2IAG1JONl_O_9Zh9oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2HvusR5JpH63VMKoLBr60BImIuIg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 19:11:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E687 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68490960&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 23 Dec 2022 19:11:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame D595 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Dec 2022 19:11:07 GMT
Expires
0
Pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=F3ZfCLZH7pfFOzTDQjOuGxL1
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQQASIEMVlOLSrtAWh0dHBzOi8vcHJlYmlkLmEtbW8ubmV0L2NjaGFpbi8wLzI5MDQ2P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTdmMmUzOWQ4LWZmNWMtNDdlNS05ZDMyLTQ5MmM2YTQwYTA0NSZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLWQwNDhlM2U0LWY3MjYtMzI0Yy1iNGU3LWNhZDgyNDdhYTI5ZDIBGjgB
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kMDQ4ZTNlNC1mNzI2LTMyNGMtYjRlNy1jYWQ4MjQ3YWEyOWQyAhoGOAE=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=339&uid=y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=3d0d4d83-71f7-4b3e-a84e-1433524b13d9
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F30548%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F25535%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7f2e39d8-ff5c-47e5-9d32-492c6a40a045%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFrTURRNFpUTmxOQzFtTnpJMkxUTXlOR010WWpSbE55MWpZV1E0TWpRM1lXRXlPV1FRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMxa01EUTRaVE5sTkMxbU56STJMVE15TkdNdFlqUmxOeTFqWVdRNE1qUTNZV0V5T1dReUFnWWFPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=SPMNmTitk_mm
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/2/30548?gdpr=&gdpr_consent=&us_privacy=&A=7f2e39d8-ff5c-47e5-9d32-492c6a40a045&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
pippio.com
URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmMTBiMjU4MjI0OGI0NWUwM2MzMWE5OGI1NjQ4NWNmOTAzNGRlMTBiOWNmN2VjZDlkNGMxMTYyYzg1OWI3ZTEyNzkxNDI2YjU0MTdkY2UyMRAAGgwIy_qXnQYSBAgCEABCAEoA&google_gid=CAESEIkfl36ishIkA0qe8PPGToY&google_cver=1

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| AMP object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter number| ampAdPageCorrelator object| listeningFors number| 3pla object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries boolean| ampInaboxInitialized object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| noPreviewPage function| quantserve function| __qc object| ezt object| _qoptions object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

214 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQp7eVg9QwCgoIgQIQp7eVg9QwCgoI4gEQp7eVg9QwCgoI5gEQp7eVg9QwCgoIhwIQp7eVg9QwCgkICRCnt5WD1DAKCQg6EKe3lYPUMAoKCIwCEKe3lYPUMAoJCF8Qp7eVg9QwCgkIHxCnt5WD1DA=
.aralego.com/ Name: sspid
Value: 0eab936f-e555-3ade-b0c8-6ca2d00c2fea
www.bg3.co/ Name: __AP_SESSION__
Value: d1b3dec7-0a1b-4a10-af67-951f0e90d255
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkulVwikXAaG9aSLB9hXIdIj4ULZuY6ap5RIsbFhZPZqiPMKcrSTon5rOZFZAc
.adpushup.com/ Name: ap_uid
Value: 87359eb2-82f5-11ed-a9df-000d3ac7a5eb
.adpushup.com/ Name: ap_usid
Value: 87359eb3-82f5-11ed-a9df-000d3ac7a5eb
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 14728fd7-d98d-4a6a-a07b-3e92eae12afd
.yahoo.com/ Name: A3
Value: d=AQABBEH9pWMCEM_IQxOVXZLYf0d8b_RRPlwFEgEBAQFOp2OvYwAAAAAA_eMAAA&S=AQAAAv2v5CdRJQOmUc5nyK4w94Y
.mathtag.com/ Name: uuid
Value: 497863a5-fd41-4500-a891-91e4314bf8e0
.mathtag.com/ Name: mt_mop
Value: 4:1671822657
.fout.jp/ Name: uid
Value: tyevomfMTKA3dIGw11S2HMr5orA
.simpli.fi/ Name: suid
Value: B5B9AA53CD9C45FDB0CBBEF0C3D32AF3
.bidswitch.net/ Name: tuuid
Value: 3d0d4d83-71f7-4b3e-a84e-1433524b13d9
.bidswitch.net/ Name: c
Value: 1671822657
.mediago.io/ Name: __mguid_
Value: e724d9554197a8d1b5eb245147e24ca0
fksnk.com/ Name: AWSALBCORS
Value: bQ3ODXL7t3PW2R69aI/wFR2WJRFFtEo8hlpquQ38WWKWQLUIS1G6XEy9W7i+K8asg7D323AoDr42ahhaFsvGh5A706uM2k+wYDSF4sblTuGyf4wRmMIbJNb3RKen
.fksnk.com/ Name: f_001
Value: 93C8A825C4149CDF
.fksnk.com/ Name: g_001
Value: 1
.openx.net/ Name: i
Value: 14728fd7-d98d-4a6a-a07b-3e92eae12afd|1671822657
.bidswitch.net/ Name: tuuid_lu
Value: 1671822658
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwwvqXnQY4AUABSAEQwvqXnQYYAA..
.adnxs.com/ Name: uuid2
Value: 1466969437089447570
.omnitagjs.com/ Name: ayl_visitor
Value: fdc4b8e9e29da59ce7b632b1553f9066
.rubiconproject.com/ Name: khaos
Value: LC0W1N2T-Y-994A
.teads.tv/ Name: tt_viewer
Value: 41c274a3-108a-459e-8693-632075213e21
.bg3.co/ Name: __gpi
Value: UID=00000b966bbe2133:T=1671822658:RT=1671822658:S=ALNI_MZMz9Xu5wyI-vJjRL0661bYxRf-Dg
.bg3.co/ Name: __gads
Value: ID=7941c0e0b32528ba-22272e14b1d900e8:T=1671822658:S=ALNI_Ma8rNELMn9nq91tjAjK4SO76tchIA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1671822661.1.0.1671822661.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1356302602.1671822654
.quantserve.com/ Name: mc
Value: 63a5fd45-5ffcf-8a26a-132ac
.adsrvr.org/ Name: TDID
Value: e7d6388c-cd9c-4f9c-9732-804cc5882e21
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e7d6388c-cd9c-4f9c-9732-804cc5882e21%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-23T19%3A11%3A01%22%7D
.openx.net/ Name: pd
Value: v2|1671822661|jElYiuvOiahI
.turn.com/ Name: uid
Value: 8485249016830179443
.3lift.com/ Name: tluid
Value: 60199173274484273373
.openx.net/ Name: univ_id
Value: 537072971|e7d6388c-cd9c-4f9c-9732-804cc5882e21|1671822662353510
.media.net/ Name: visitor-id
Value: 3148242627443742000V10
.zemanta.com/ Name: zuid
Value: aAT3GSHLh7PSRytorJvK
.casalemedia.com/ Name: CMID
Value: Y6X9Rn0Afu4XBxBh04GXqQAA
.casalemedia.com/ Name: CMPS
Value: 4759
.casalemedia.com/ Name: CMPRO
Value: 4759
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjcxODIyNjYyfQ
.bg3.co/ Name: __qca
Value: P0-687585939-1671822659633
.media.net/ Name: data-mm
Value: 497863a5-fd41-4500-a891-91e4314bf8e0~~8
.ladsp.com/ Name: cr
Value: 1
.media.net/ Name: data-a
Value: 1466969437089447570~~8
.bg3.co/ Name: cto_bundle
Value: xM6D0191VDRLdk80JTJGMVd3NEtWJTJCYlpSeERweFlMSHRWeDQ3VUVUNEcwZWExcCUyQjIlMkJVdjJLeUttQnFvd0wlMkZ6bGZMOEYlMkZleXhXNU1lNmk1SiUyQndCUGtQMUt6SXhJRTVjZDhHRlllWFJSQTAyMkhoM01jJTNE
.bg3.co/ Name: cto_bidid
Value: 6sAnF19BaU5LRk91MXpQZ2NQWDdZVFZ0bW50ODhWbk5mJTJGYXNnWmZzS3lPJTJCJTJGUFdFb2U5VlAwVnFHZ2x2Q1k0b3JjeUtxcDI4TzJCRFVuZDZ0T05yUiUyRkJTNzd3JTNEJTNE
.adkernel.com/ Name: ADKUID
Value: A6543217025203167527
.media.net/ Name: data-o
Value: 0ff2d911-db0a-4f7d-99e2-88143c298bdc~~8
.criteo.com/ Name: uid
Value: 151452e9-6d70-4058-8792-5838814346d4
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.a-mo.net/ Name: amuid2
Value: 7f2e39d8-ff5c-47e5-9d32-492c6a40a045
.prebid.a-mo.net/ Name: sd_amuid2
Value: 7f2e39d8-ff5c-47e5-9d32-492c6a40a045
.linkedin.com/ Name: li_sugr
Value: e2f4ae26-3e50-430e-9a56-4d73ac212973
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9512bbff-7d14-4218-866a-4090e2d187e2"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2552:u=1:x=1:i=1671822663:t=1671909063:v=2:sig=AQEVDXko7iHR_DQBIUDTaZXqy2DFhvDg"
.doubleclick.net/ Name: DSID
Value: NO_DATA
.w55c.net/ Name: wfivefivec
Value: bk55uvAO1P8NrF5
.ladsp.com/ Name: smn_uid
Value: De55vvy1TT-WlMXNxbyGaw8x6LDAXSk
.ladsp.com/ Name: lum
Value: CLq9lYPUMBIFCAMQ0AU
.media.net/ Name: data-c
Value: 151452e9-6d70-4058-8792-5838814346d4~~1
.media.net/ Name: data-c-ts
Value: 1671822663
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A6543217025203167527
.media.net/ Name: data-g
Value: CAESEBGzi_eHpXOpBrMtHBtFExo~~8
.servenobid.com/ Name: pid_337
Value: y-Xvd62bpE2uHLn9DePAwj1hQvX8xlJduMu1298fk-~A
.bing.com/ Name: MUID
Value: 3E368A094C3A67993529988A4DAA6647
.c.bing.com/ Name: MR
Value: 0
.servenobid.com/ Name: pid_312
Value: 1466969437089447570
.smartadserver.com/ Name: pid
Value: 3154994645745196841
.w55c.net/ Name: matchmedianet
Value: 5
.adform.net/ Name: C
Value: 1
.media.net/ Name: data-ttd
Value: e7d6388c-cd9c-4f9c-9732-804cc5882e21~~1
.gumgum.com/ Name: vst
Value: a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7
.lijit.com/ Name: ljt_reader
Value: F3ZfCLZH7pfFOzTDQjOuGxL1
.brand-display.com/ Name: _knxq_
Value: 7c27c712-fc9f-3033-76c25c46.1671822663.0.1671822663.1671822663
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDCyNDAxNzA1tLQ0NhfiM9T19SoI9XH3DvErLokAAFa1Mm4lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDCyNDAxNzA1tLQ0NhfiM9T19SoI9XH3DvErLokAAFa1Mm4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5oYWRkZmZsYWYGAALWdroQAAAA
.media.net/ Name: data-rk
Value: 1978557980663158451~~8
.servenobid.com/ Name: pid_333
Value: Y6X9Rn0Afu4XBxBh04GXqQAAEpcAAAIB
.adform.net/ Name: uid
Value: 4902551777188804151
.pubmatic.com/ Name: KADUSERCOOKIE
Value: ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
.media.net/ Name: data-xu
Value: bk55uvAO1P8NrF5~~8
.socdm.com/ Name: SOC
Value: Y6X9SMCo5sAAAJ4DCekAAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.minutemedia-prebid.com/ Name: wrvUserID
Value: SPMNmTitk_mm
.servenobid.com/ Name: pid_317
Value: 3154994645745196841
.media.net/ Name: data-r
Value: LC0W1N2T-Y-994A~~1
.servenobid.com/ Name: pid_324
Value: 1975180290470519937
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6X9SAAGL5onIwAo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tidaltv.com/ Name: tidal_ttid
Value: 08875dea-95db-4aa3-a9ab-8bfe2fe05575
.servenobid.com/ Name: pid_318
Value: xP_vQa5hGFadPZecFsEfDrvfEbNFdBnQVLjLNFS1deg
.servenobid.com/ Name: pid_316
Value: ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
.csync.loopme.me/ Name: viewer_token
Value: 9267177e-2359-4d50-a165-d21d174e4105
.servenobid.com/ Name: pid_310
Value: F3ZfCLZH7pfFOzTDQjOuGxL1
.contextweb.com/ Name: V
Value: XAv1EWZXnW7f
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hye|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a7a43ada0db546a2
.demdex.net/ Name: demdex
Value: 01692558157191112064401501975409860436
.bluekai.com/ Name: bku
Value: ikG99WM2oVw1xBLy
.bluekai.com/ Name: bkpa
Value: KJhz06NFQM9R9mO4Dtd34YrTYNkDwAoo9SVN0sVoxYqh10tRLaIdfnnepAIKrKlb5Q8TLUgdbOowgyVmYLnm3fpRMdle6az01VlEsKdz26InXOoOiY9XnKhTgt44fDl4KptgcpzWTVOqRX5fMu9XUR4tGMLWRStFN8mrnfXwCylY4gGOWi22xKv0zO6ZIvWiAzL0pLLGzNMvcPe9CJXbboIFPJ9pT95PX/G5Ku3MnHSWuN42wuG/lh2JABB5DWAOhtuEfY3juRMoUF3jl/3WnLLRTTJucYQ3ekZSkIrkGaZND8an7uCxOqOTX+DXM4ztsKp76lxFURdKRM35dQy9RjB5ty==
.tapad.com/ Name: TapAd_TS
Value: 1671822664570
.tapad.com/ Name: TapAd_DID
Value: 73d27b72-b5d1-4aec-a3f0-16eade86f0f3
.bidr.io/ Name: bito
Value: AAHxlk7HS_sAACDXnwqAiw
.bidr.io/ Name: bitoIsSecure
Value: ok
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYxsDI0NgMAmLGu8gkAAAA="
.mookie1.com/ Name: id
Value: 10524912331894634775
.mookie1.com/ Name: mdata
Value: 1|10524912331894634775|1671822664601
.mookie1.com/ Name: ov
Value: 2f51f607e4c1d6d80d7dc5b8292e80ca
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: yarx6wlg0ae
.mfadsrvr.com/ Name: tuuid
Value: 1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff
.mfadsrvr.com/ Name: c
Value: 1671822664
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~290j:196n~290j:175w~290j:198o~290j:1983~290j:18z8~290j"
.dpm.demdex.net/ Name: dpm
Value: 01692558157191112064401501975409860436
.semasio.net/ Name: SEUNCY
Value: A1B57F61397E9B8
.admixer.net/ Name: am-uid
Value: 01deffd0c283413da658a3bd239f87b8
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 175b6d2f-eee4-5465-8828-3738eb8dca71
.betweendigital.com/ Name: ss
Value: 1
.adotmob.com/ Name: uid
Value: 08862204195d2cb57cc7ebdb
.adotmob.com/ Name: uuid
Value: 08862204195d2cb57cc7ebdb
.adotmob.com/ Name: partners
Value: SMA%3A1671822664816
.360yield.com/ Name: tuuid
Value: 7376c891-576b-49c1-ba46-77a25cd71e32
.360yield.com/ Name: tuuid_lu
Value: 1671822664
.outbrain.com/ Name: obuid
Value: 84e918fd-76b9-45ce-8808-030c7872f20f
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 3eeb9d08eeecb8c76dd5d417d35d52f7
.creativecdn.com/ Name: u
Value: 8GuG0PZ8zNiyHWmR7h00
.creativecdn.com/ Name: ts
Value: 1671822664
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1466969437089447570&KRTB&23339-1466969437089447570
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6X9SAAGL5onIwAo&KRTB&22978-Y6X9SAAGL5onIwAo&KRTB&23194-Y6X9SAAGL5onIwAo&KRTB&23209-Y6X9SAAGL5onIwAo
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:497863a5-fd41-4500-a891-91e4314bf8e0&KRTB&16736-uid:497863a5-fd41-4500-a891-91e4314bf8e0&KRTB&23019-uid:497863a5-fd41-4500-a891-91e4314bf8e0&KRTB&23208-uid:497863a5-fd41-4500-a891-91e4314bf8e0
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-yarx6wlg0ae
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e7d6388c-cd9c-4f9c-9732-804cc5882e21&KRTB&22918-e7d6388c-cd9c-4f9c-9732-804cc5882e21&KRTB&23031-e7d6388c-cd9c-4f9c-9732-804cc5882e21
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:B5B9AA53CD9C45FDB0CBBEF0C3D32AF3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFcue8fm2HlfBw_h5XNd6xg&KRTB&16514-CAESEFcue8fm2HlfBw_h5XNd6xg&KRTB&23025-CAESEFcue8fm2HlfBw_h5XNd6xg&KRTB&23386-CAESEFcue8fm2HlfBw_h5XNd6xg
.media.net/ Name: data-ze
Value: aAT3GSHLh7PSRytorJvK~~8
.amazon-adsystem.com/ Name: ad-id
Value: A_uKSkddDkCJhVJ6p-8a0gU
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671822665
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2a62e559-3083-4bd9-54c9-6504b6247337.8NvZVtvvBze%2FVLf%2BVw0dCAKH406H4oaGTfPNEF%2BekMA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKmLlWTCDS9lUyWUEtiRzN3RaSsU.J7l9vKQOm8RWLTUzINxoDyoJxqtG%2BFmAWYbJuY97RR0
.betweendigital.com/ Name: ut
Value: Y6X9SAAIptjrNFaqJrOENztR15jqPlJCbxojuQ==
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCJCO2PbuyLI7EAUSFgoHcnViaWNvbhILCKqQs_nuyLI7EAUSFQoGY2FzYWxlEgsItsPF_O7IsjsQBRIXCghwdWJtYXRpYxILCMKxu4bvyLI7EAUYASABKAIyCwi28rW7hcmyOxAFOAFaB3Z3Nml5cm5gAg..
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLMZN2ZhDZWPHXrd8oPN4aCN2+sqauUYHtlSb4OqUu2lytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.media.net/ Name: data-mf
Value: 1f58e1d2-b6ac-4fdf-9767-eb316a9ca5ff~~1
.mookie1.com/ Name: syncdata_TAP
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8587
.smartadserver.com/ Name: csync
Value: 66:08862204195d2cb57cc7ebdb
.media.net/ Name: data-bs
Value: 3d0d4d83-71f7-4b3e-a84e-1433524b13d9~~1
.onetag-sys.com/ Name: OTP
Value: EF2B9BwoSqcm308TdJogu1RB9wlyds43lQR7y0L29aY
.sportradarserving.com/ Name: zuuid
Value: 2dffdbac-baa2-4c1e-a81c-e709eee665da
.sportradarserving.com/ Name: c
Value: 1671822665
pool.admedo.com/ Name: tuuid
Value: 2d75b6c6-4cd2-4071-b3af-4e4f3f402a50
pool.admedo.com/ Name: c
Value: 1671822665
pool.admedo.com/ Name: tuuid_lu
Value: 1671822665
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4902551777188804151&KRTB&23263-4902551777188804151
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004%22%7D
.prebid.a-mo.net/ Name: _sv3_11
Value: 1
.mookie1.com/ Name: syncdata_IOW
Value: 1
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.yieldmo.com/ Name: yieldmo_id
Value: g7bdff88a46edbfb7644%7C1671822666177%7C0%7C
.sportradarserving.com/ Name: zuuid_lu
Value: 1671822666
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1671822666
.servenobid.com/ Name: pid_309
Value: a_a4bfc596-cbc9-44d4-a001-2cc1aa185ae7
.ipredictive.com/ Name: cu
Value: d701e5f6-6718-45b4-85cf-c24bb18992fd|1671822666304
.33across.com/ Name: 33x_ps
Value: u%3D212062442102972%3As1%3D1671822666403%3Ats%3D1671822666403
.id5-sync.com/ Name: id5
Value: e8ab4d00-4688-7b75-a075-2b6b9397d11a#1671822665967#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.krushmedia.com/ Name: krm_usr
Value: aed2cc87-03cb-4d85-88dd-60622c503e94
.krushmedia.com/ Name: krm_r
Value: 470
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: DPSync3
Value: 1672358400%3A248_164%7C1671840000%3A174%7C1672963200%3A245_226_197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1672617600%3A63%7C1672358400%3A223_15_2%7C1672963200%3A22_8_233_179_231_71_220_3_107_56_99_234_13_214_165_21_54_204_254_7_238_176_247_96_5_209%7C1676937600%3A69%7C1673049600%3A35
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-3d0d4d83-71f7-4b3e-a84e-1433524b13d9
.quantserve.com/ Name: d
Value: EHcBFQHwJ4EO-TD9r7EA
.w55c.net/ Name: matchpubmatic
Value: 5
.go.sonobi.com/ Name: __uis
Value: ae25df34-c4a0-496f-812f-38ebd6e56f79
.media.net/ Name: data-pba
Value: ACD5CD26-AE5F-4D86-A08F-7DDC32B85D2E~~8
.rlcdn.com/ Name: rlas3
Value: fPNuyKUhbAwSwhenxHKUGaFeTVquk7d/ec/Ma3X1EKE=
.rlcdn.com/ Name: pxrc
Value: CMr6l50GEgUI6EcQAA==
.agkn.com/ Name: ab
Value: 0001%3ArjmPF1NB0DuBL4bt8uCF5JvVfwuLVw92
.mfadsrvr.com/ Name: ssh
Value: !minutemedia,1671822666!medianet,1671822665
ads.playground.xyz/ Name: connect.sid
Value: s%3AFBUe2Jo5PqteR8UkB2aT5rJ2uagStpzr.cn026n4WVTMZWR1Ed8ER%2BiYUjaVNa0jGgdv%2B5OeaSQA
.sitescout.com/ Name: ssi
Value: b646f6bb-86ce-4c5d-8d09-9c552fe616cf#1671822666899
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw&KRTB&19420-YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw&KRTB&22979-YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw&KRTB&23403-YTOFjDFk0Ix6NYLfNGbJgTYy0th6MdeLNmN93wSw
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:bk55uvAO1P8NrF5&KRTB&23421-uid:bk55uvAO1P8NrF5
.pubmatic.com/ Name: SPugT
Value: 1671822667
.tribalfusion.com/ Name: ANON_ID
Value: a1noeUMwTkU6XlyrqmkkacCEmCMdauWGPA4hZb4Fa
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8485249016830179443&KRTB&23150-8485249016830179443
.pubmatic.com/ Name: PugT
Value: 1671822667
.ads.pubmatic.com/ Name: KCCH
Value: YES
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e46199c1-06e7-4c91-83ba-6c78e18e4f68-004%22%7D
.ctnsnet.com/ Name: cid_70d3ded3992f46dc8029fef08ec1aef4
Value: 1
.ctnsnet.com/ Name: cid_f512bd2366fb4bfbb8909b18acbafc3a
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-KmLlWTCDS9lUyWUEtiRzN3RaSsU&KRTB&23334-KmLlWTCDS9lUyWUEtiRzN3RaSsU&KRTB&23417-KmLlWTCDS9lUyWUEtiRzN3RaSsU&KRTB&23426-KmLlWTCDS9lUyWUEtiRzN3RaSsU
.casalemedia.com/ Name: CMTS
Value: 4982
.prebid.a-mo.net/ Name: _sv3_4
Value: 1

20 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/9811fbfd462526f28448d6c0de16f2a7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e61fd45b784e0fa534e40e19e583b996.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/f11c028c8ff4c4e6234da3ab44f0efec.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/f38fed24d8cb62329c5de097b087556f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/64b07107d18317ea036e441884e8a233.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a193d22565cc19c48a0403096e901146.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/65a7bf5eb76453fb000c612f7f7b4ed0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e556a3c15923502b84e502da665d177b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ff5ac374ecd3889ae6c1b4b0c85d7f73.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/508ebf13066b268877bd03893440b5bf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202112/ea11d3d7a834076444253a1c5006cddf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1671822656&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fnong-wei-hui-bu-mie-yang-dou-ming-nian-yuan-dan-qi-quan-guo-ting-da-yi-miao-10yue-sheng-ming-fei-yi-guo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822654324&bpp=14&bdt=1154&idt=1823&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6213172602284&frm=23&ife=1&pv=1&ga_vid=838217183.1671822656&ga_sid=1671822656&ga_hid=1503626652&ga_fc=0&ga_cid=amp-pehX9AjlaoJhT9qcbsBqOA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1656&biw=1600&bih=1200&isw=336&ish=280&ifk=3458580005&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1014390714682019&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptxpy3uhwl0b&btvi=1&fsb=1&dtd=1839
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2Evbm9uZy13ZWktaHVpLWJ1LW1pZS15YW5nLWRvdS1taW5nLW5pYW4teXVhbi1kYW4tcWktcXVhbi1ndW8tdGluZy1kYS15aS1taWFvLTEweXVlLXNoZW5nLW1pbmctZmVpLXlpLWd1by5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822660423&bpp=3&bdt=595&idt=379&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=2410723168487&frm=8&ife=1&pv=2&ga_vid=459637066.1671822661&ga_sid=1671822661&ga_hid=356800596&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071220%2C44780792&oid=2&pvsid=2123180810527031&tmod=146163553&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.pxn7uwpqy68q&fsb=1&dtd=397
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671822660426&bpp=2&bdt=597&idt=404&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2410723168487&frm=8&ife=1&pv=1&ga_vid=459637066.1671822661&ga_sid=1671822661&ga_hid=356800596&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071220%2C44780792&oid=2&pvsid=2123180810527031&tmod=146163553&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.m1m12fhrwgfx&fsb=1&dtd=409
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21cf71ec9ee8ff7995fd57a080a52004.safeframe.googlesyndication.com
4b3d334961981b62d836e4f399d0d669.safeframe.googlesyndication.com
72ba63a472b23b5e7251f6aff5a23efc.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
csync.loopme.me
d-1132604523766099173.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
www.adtrek.co
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.servenobid.com
cm-supply-web.gammaplatform.com
cm.adform.net
core.iprom.net
cs.admanmedia.com
cs.iqzone.com
cs.minutemedia-prebid.com
match.sharethrough.com
pippio.com
prebid.a-mo.net
sync.go.sonobi.com
sync.targeting.unrulymedia.com
103.229.10.192
103.229.205.242
103.231.98.194
103.231.98.195
103.231.98.196
104.16.86.20
104.17.24.14
104.18.25.173
104.18.33.19
104.254.150.228
104.254.151.60
104.26.4.103
104.69.166.9
107.178.244.193
119.9.108.191
13.107.42.14
13.112.54.241
13.113.72.46
13.249.221.60
13.250.177.10
13.32.63.125
13.32.63.29
13.76.45.37
139.5.84.243
139.99.49.250
142.250.4.106
142.250.4.132
142.250.4.155
142.250.4.157
142.250.4.94
142.250.4.97
142.251.10.132
142.251.12.100
145.40.88.5
146.0.227.110
150.136.26.45
151.101.193.108
151.101.66.49
152.199.39.108
162.19.138.117
172.217.194.148
172.217.194.157
172.253.118.95
172.64.151.162
172.64.154.237
172.67.72.16
174.137.133.49
176.34.191.255
18.138.18.111
18.158.185.48
18.161.216.87
18.176.102.168
18.179.187.167
18.180.45.155
18.66.248.39
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.25.248.23
185.183.112.148
185.184.8.90
185.84.60.23
198.8.71.130
20.127.253.7
202.232.238.37
202.241.208.54
203.195.121.142
204.79.197.200
209.191.163.208
209.58.188.181
220.150.223.50
23.106.127.39
23.106.127.52
23.106.127.53
23.106.69.73
23.207.180.23
23.207.181.47
23.44.0.196
23.9.185.218
3.1.116.111
3.1.14.27
3.104.150.39
3.233.146.122
3.234.66.158
34.102.253.54
34.107.148.139
34.111.151.213
35.174.181.179
35.186.193.173
35.190.60.146
35.208.249.213
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.227.202.26
35.244.159.8
35.247.47.28
35.71.131.137
35.71.178.8
42.99.140.161
42.99.140.201
50.116.239.135
52.221.110.82
52.25.196.209
52.46.155.104
52.55.14.74
52.74.13.196
52.76.76.143
52.77.12.199
52.94.223.167
54.179.76.98
54.209.56.33
54.235.189.154
54.254.55.187
54.65.181.45
54.68.229.26
54.95.216.232
64.120.88.131
66.225.223.159
67.199.150.82
67.202.105.23
69.16.175.10
69.173.144.165
69.173.151.100
69.173.158.64
69.173.158.65
70.42.32.127
72.34.250.75
74.118.186.44
74.125.24.157
74.125.24.94
74.125.68.155
74.214.196.131
8.2.110.134
8.3.3.8
84.17.37.44
89.207.22.105
98.98.134.243
99.86.20.78
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
011c9f954597c8443845dd193bf7ce5eb694e36f3e46e2f23ba044c7851356e1
0162f5c2c04c2e3e06776a78e5722f4e869c308ae20d53ef91727b71b75c6783
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
04d04f0a5ea44e5c6e9a2be97dd68c1197349ba9f73e95333d6928a3818eb1f4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
066bd0ab3f03c6733036391e59f227c04a34bfb54adcc5f3c2462cde9432e4f3
06d0069e32e2c76e4461b6041eeff73b67715f095fa4d052bd7be6e48bd54042
070cacee7984313ea2a9fd4f8d55cf6c819e14781ff875d36cec31055e85511b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b0d03f54ac0ff7dfed8bebc68b9aec035c0493764a7e598160635fa702dccfa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49
0e4eaeda131fe5d348aff603a01dd4102a403c9953177bebda06d586e885db0d
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
0f8d5c432cb8c01f6ac3f2ca1b76d68ebd6cbc4c99ce038abd6e1111121e6f03
14a1b91903b8e949aa724043c8134db57a8fe9a05a6e771622e7aaa2a259f67f
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
17ad2ba9644dc2e2245219e384abf35638308374aad83151d64b9af2cd0d7e7d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b05cef9b2e3cbb81e8b3c1fa19d6dcf4b7c88efd93ba552328e55679b7710b1
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b4d3e92c5cace200914094bd198f6dd1459847aeecd1f78407736385f171590
1ba1f130b2311510bb4fd92b3b0989dda33c1687632cbc34ac5d8fbe33a0e922
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1cb4fa3a613558a6b7c1934faaa07718877ee23bc2293cef1c8ab0dc5ddbca91
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e49d0cd3de328d065fdcb85760f40558e26350a59177910ff65ec429d27b558
2012105ac978c62e575894c1199358b7f7c1e34cf337780596ee119520a1f6a0
21295c187205746a49fa6654b6bff00a75127e2c58d51a5432802c03ec09632b
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
2400797e6cdc3aa0e87ecfcf346be3ddf2179ec973448a82a260c562061a7c0a
2481a441a4160a00cbe5fc21e2f0ca113d175f74458268b9a9816c11de9f3338
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2745b54787779a3105c5cf942f1d59297b7b311c1ff82fc7cd111aadbdf2204c
277538eb2369d9d6d75a947bd6ed5b16e38cab9056dd4cb1cdd9827e6f5841bc
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321b3e630cd5162192ca9753f956dda11f61aba3f45c8265d4604e41257c60a7
330c3d58f45f0f4881b919b21e8d52b64b771cea5c8a6e7a3bb4242a48890b43
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37f6ae60595a0d47a07f29de8025c7f9023ede6b23230df0af72a9698c7ca849
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
39285f03b342bdea0176e85d768cda56fd729b662eb6dd7434aaaa7db0e8e39e
3b1aa53419f55a91e749bf5a571ec8ff26f81bad0c3056fe380e237e081e4c09
3b695510fe97d18b473233ec9cb4f377ea41749b4d61cca7f840ab4ad2c02672
3b7e37aae5408b90e5f52a212fea523de51697f3e2532d7d687dd5e409cb5419
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
416464778048f47e9b1a1b76e793e27b180af754f50095b0fe9a8b00d69f8dfb
4168b82173ee871261a5edc235b2ea975443158831c37b0df791078d5c2a5d63
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4502750abe083fa7a911d75e5a6f83a199469c0438786bb2abd951e758561a3b
457286a1e316aabd1e27f835fbbb1d08c1c8d97e07cc837bc82c50af95cb54f6
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
46eaca8feeaefa95329b8fa1ad2f534bab954d61d9fd2b2eca99862694c730d4
47615049f5f0592554f49d2fc2810b036dec70f4fd0d4f4492cc5f50e718e604
47b91d73b2493b07a7f73e4e4fa0f8816450eb1199855102c9fe689dd3af40ec
47bc8c6022c30b4d59914893790af49f7c00436c7e9b5e0694b78e52977b4e6a
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cb83248a41a49185737b37c0bf29dd0e1ad95b2b902a31664ed0ea7a076d65
4953b6df98b0150cde8923d06dd202e9ec5fd9e37007ba99210f676fda12ea9c
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0d5e5e64ae4f984d3b862c6989277c01d12e8c70fc20fd4ad666a6ea3a5ebe
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5290e4d5773ed01be64940bcd1a9ff70ae09122c0af373bd12d47c83c3606a34
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ab1b0a057d2bd20012562459bc3bad3b1ca065f4a566cf988fa180ef5f78513
5e6f7e6b2e2ea0de9d3f380e7abf8e1b8340ca652c0f83f05e15f864237d5f64
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
649af3554cc38e3eaee5060f1d710ffb62717a0983e8f745d030e3764ab2f113
65e9b0e1f6bbfef0d60d8e35626cce51780af138794fc255930886c7d86463f4
66009e608de3ff4f950fa50020d3b3efc62b0051e2f3f69c764f5bf21ce0d029
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6716721517a253dc71068ecb8ef1b78e0a3b24a4598a46b7772045e9df0da96f
67ad5d1cae6d7b82fe6ba4008533dd6cf753d57af7cfc5d2a0aae08de058756d
6a72f7af5f417414991daeecc3325d1b5b2919edf90cf28c01ff3097e3abfbfb
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6cd9fbfb40522161db11cfdb95d9368da9ce688bf3ec81d762f0e80be60b648d
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74a728f3606e8e792cd0959126c33a0d15aa2c047e20efc083aecf408ee16fce
76026170472fbc7288cccbe2866a01a523546553c6c0720a680be8c9a86a7a54
7b803ad1dd4b7e46b45dfa6f3cdf42053ae31b0ca7e1ed7cc71ed2d098324ebd
7cf66eac17a30792170003ea6bd75ec2e1f41053bbd3997a18e081f1ace57ab2
7e55a281b9adb67b4a4873a1ef969218f6fab211ca95276746864e7bf4b7ba0c
804f3a8016e85a6d2b7804110d6343dd62b3ea82b75ad47935cda8ded9d1a855
807fc9e37ab679d6c64049ec21baebcd62decf83c3c64571aca65c209335f770
81a380442b17611f210e62cf025583f9109499681732a7fc2bf4258c8a60937d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84431b09673903e5a29eb60e990cba3993be8d86653aa00f29b452c0a9ae36ae
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
87752c29ca04281ba59e1451edceda2a01179744538a4fbc4c6c4144de98bddc
87e708d4895549290624cdda1268bba48ae78ab289a955f39b2adf8d54fdf5fc
889c8dd97d82a778b37300d54b338cd093040b2aacc208df8b2c4f5896bde98e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8b12d0784231c48f9c1b14c103b42ae6f48de739c600c308bdb920dde106a731
8c1f85ae6e0a5dd802e30dd00c9b7c0987ad51c5263b5f7be69a5a67767613bc
8cb9da1fc81dfbe95c1c600707c7c883ed5bf6bad1990ef33f4885c43089c2ff
8d35b84cf45a3f97f9965f52fb916fd68203984a3a4dfd697d60fe63bc48a637
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
908621395b7eb80c47e4db4d95a020ecbf7679b089ff1daa6d071f538fe9b941
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91199cb5793fd5ef3d27ece0eee46c7966cc41d4dc997ea81918db1948876306
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92d2e166aa495910bfad5ff12a4f03f8a8f063e504bb8fdaad8c9f61374df25e
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aac43007a50c3ebba3adcf81f6d8e46af67203a6338e8eb169557ac7ee404fd4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae441eebc6e80ecb695ca7331009b72a5e0970d9a25e21e5cd5f075eb8d9bec3
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b196591de27fa054b52f1a9a310fa27b1d1b71beaf99030e24361378a87826ed
b34bada35719d05dfd2186eca5611db1ee1ab052207a7d008fd0a0a47e40bffc
b5f78b0fb5d317c876a6708c5b12ee62d82058a57bd1bf36e1caab1717849b2d
b8a6d3554038ea2506a3eb8a0fed74e3325692ebf677eabadf295e4b8833c5dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc729d2d22db6d55e5ecef95ea6c2d7220cf6b8e10a6002d7c34761321cb7d70
c036d0a0c042c04b1caf869bb1b4f357b9abb47479fb08a697fdff743c49647d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c72b9b76dd2dbdf7a9faf8f1f8775d0f1f3dffde8158be509483d4c8fb65bff4
c8c525c55cf82a2b7abf6fbfb179c7b8c21f0ae7efef5ddc53372422440444ee
c8f527a5ca341ca08eccbd601c2070bad6453df8387b58893c54c1faf0735c20
c9479f553efe22b49d84cbe56916e43e18a9681728ae30cd6ee79f80ec55ff65
d2961a246d362f458d3a5bc87dbe1dfab9afc77e71518468c763e666171d73ee
d3a8e56a23194475a4a9e63cea4ccbb596db7d72c2e9fc4449e71ff513425aef
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d890adb2cee66d5527d37756a7c31451767903ffcc0f7063cb923043db885c25
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428c3064b0321610652c2d3ded381e90372f0b2e4f3b9051f40a6e33dca4a2b
e467e4cdae1c8061b60e972cba2cf4c0e025ad75057d069e91bc8b820e0d629a
e70d35e1737bf13c05cb1b5137e47fc2fa98509970f3aa1e352be20217ca7cd6
e75889361bb32ab159d74985967ad3b69037e95c8b53cd42284682a2c255fb9a
e78cdcfdc106dabf4e1c675984596d399eba5487fc28364bc5a493e755bfaeca
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e0e3aedef1c382d8c85a95c9c68f9b061b254ac659363a6020f108a240c9ac
f5602630189c2f10568735af7608db931b179377c0ace7ed7e2e333a28c9d061
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69190c3a9d93bd3e7c6910f9c036ce5d4b858ef0634d427af9153715f812e81
f7539264b1d71b6041ec467c1bb92211b8780bfe5f5eb79a98b0645b5d9685f0
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8e1c6ee3611482a602b564e35f4b8feceb0c7859b0375a9c90aea302aaf2f36
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e