urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Submission: On December 30 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 12 countries across 113 domains to perform 597 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 54371.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 142.251.10.132 15169 (GOOGLE)
47 142.251.10.157 15169 (GOOGLE)
1 3 209.58.188.181 133752 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 19 142.251.12.156 15169 (GOOGLE)
15 172.67.72.16 13335 (CLOUDFLAR...)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.42 20446 (STACKPATH...)
3 74.125.68.154 15169 (GOOGLE)
4 74.125.24.154 15169 (GOOGLE)
9 142.250.4.157 15169 (GOOGLE)
14 74.125.24.156 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
3 74.125.68.101 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
2 13.33.33.118 16509 (AMAZON-02)
8 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
33 74.125.24.132 15169 (GOOGLE)
4 182.161.74.19 55569 (CRITEO-AS...)
4 182.161.73.148 55569 (CRITEO-AS...)
1 12 142.251.12.99 15169 (GOOGLE)
6 172.217.194.156 15169 (GOOGLE)
3 6 103.229.10.247 16509 (AMAZON-02)
3 3 34.83.125.63 396982 (GOOGLE-CL...)
13 48 142.250.4.154 15169 (GOOGLE)
2 2 18.176.5.180 16509 (AMAZON-02)
3 3 124.146.215.50 2514 (INFOSPHER...)
1 202.241.208.4 4694 (IDCF IDC ...)
4 10 172.64.154.237 13335 (CLOUDFLAR...)
8 10 52.74.13.196 16509 (AMAZON-02)
13 15 35.213.12.39 15169 (GOOGLE)
4 4 18.138.91.242 16509 (AMAZON-02)
2 3 35.186.193.173 15169 (GOOGLE)
8 8 64.74.236.127 22075 (AS-OUTBRAIN)
1 1 13.33.88.107 16509 (AMAZON-02)
7 38 139.99.49.250 16276 (OVH)
2 2 52.76.217.175 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
38 182.161.73.129 55569 (CRITEO-AS...)
4 182.161.73.132 55569 (CRITEO-AS...)
3 104.17.24.14 13335 (CLOUDFLAR...)
21 182.161.73.135 55569 (CRITEO-AS...)
8 182.161.73.142 55569 (CRITEO-AS...)
1 151.101.65.229 54113 (FASTLY)
1 13.251.111.79 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
1 23.50.119.72 16625 (AKAMAI-AS)
8 35.244.159.8 15169 (GOOGLE)
12 15 104.254.151.60 29990 (ASN-APPNEX)
1 54.69.44.22 16509 (AMAZON-02)
1 2 145.40.88.5 54825 (PACKET)
1 35.213.117.18 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
12 54.154.5.50 16509 (AMAZON-02)
2 18.180.33.210 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 3.233.146.44 14618 (AMAZON-AES)
1 13.33.33.127 16509 (AMAZON-02)
1 18.155.70.32 16509 (AMAZON-02)
1 139.5.86.127 27381 (CASALE-MEDIA)
10 10 103.229.206.241 30419 (MEDIAMATH...)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
6 6 35.227.202.26 15169 (GOOGLE)
4 5 107.178.244.193 15169 (GOOGLE)
2 2 18.155.68.53 16509 (AMAZON-02)
5 5 185.84.60.30 198622 (ADFORM)
4 4 35.174.181.179 14618 (AMAZON-AES)
6 6 174.137.133.49 27257 (WEBAIR-IN...)
5 8 18.140.36.219 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 8 209.54.182.161 16509 (AMAZON-02)
1 17 139.5.84.243 27381 (CASALE-MEDIA)
16 17 3.33.220.150 16509 (AMAZON-02)
5 5 151.101.130.49 54113 (FASTLY)
3 172.64.151.162 13335 (CLOUDFLAR...)
1 74.125.24.95 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
1 18.65.39.15 16509 (AMAZON-02)
12 23.50.118.44 16625 (AKAMAI-AS)
4 14 23.44.27.86 16625 (AKAMAI-AS)
4 11 35.71.178.8 16509 (AMAZON-02)
1 184.31.28.198 16625 (AKAMAI-AS)
1 142.251.12.94 15169 (GOOGLE)
4 4 50.116.239.135 6336 (TURN-US-ASN)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
2 2 13.33.88.71 16509 (AMAZON-02)
1 3 69.173.144.139 26667 (RUBICONPR...)
7 13 69.173.158.64 26667 (RUBICONPR...)
1 3 23.106.127.52 59253 (LEASEWEB-...)
2 4 35.190.60.146 15169 (GOOGLE)
16 18 103.231.98.197 62713 (AS-PUBMATIC)
5 5 13.113.72.46 16509 (AMAZON-02)
1 46.137.233.19 16509 (AMAZON-02)
3 3 23.207.185.68 16625 (AKAMAI-AS)
2 2 198.8.71.131 ()
4 184.31.28.212 16625 (AKAMAI-AS)
13 14 74.118.186.45 26120 (RHYTHMONE)
22 13.112.54.241 ()
2 184.50.20.24 16625 (AKAMAI-AS)
2 2 182.161.73.146 55569 (CRITEO-AS...)
4 4 3.127.206.75 ()
1 3 13.107.42.14 8068 (MICROSOFT...)
2 2 35.213.93.179 15169 (GOOGLE)
1 204.79.197.200 8068 (MICROSOFT...)
1 13.113.27.164 16509 (AMAZON-02)
2 3 23.106.127.38 59253 (LEASEWEB-...)
1 13.33.88.40 16509 (AMAZON-02)
2 2 209.191.163.210 14744 (INTERNAP-...)
3 4 209.191.163.208 32475 (SINGLEHOP...)
1 52.95.118.179 ()
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 35.214.223.115 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
5 5 67.199.150.86 ()
1 35.74.106.211 ()
1 103.231.98.196 62713 (AS-PUBMATIC)
2 2 74.214.196.131 ()
1 1 34.193.12.44 ()
1 129.80.94.115 ()
1 169.197.150.8 ()
2 2 13.251.231.199 ()
1 1 20.127.253.7 ()
2 2 162.19.138.117 ()
1 54.209.56.33 ()
1 1 80.77.87.163 ()
2 2 185.184.8.90 ()
3 23.106.127.53 ()
2 2 8.43.72.97 ()
15 35.174.148.180 ()
1 1 18.140.14.246 ()
1 1 8.2.110.134 ()
1 1 67.202.105.22 ()
2 2 203.195.121.142 ()
9 12 103.231.98.194 ()
1 1 18.138.18.111 ()
1 220.150.223.50 ()
1 18.179.187.167 ()
1 52.74.118.249 ()
1 195.5.165.20 ()
1 2 3.0.14.222 ()
1 2 119.9.108.180 ()
2 67.199.150.85 ()
597 109
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com
9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
47    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
pagead2.googlesyndication.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
19    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
15    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net
partner.googleadservices.com
4    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
adservice.google.co.nz
9    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
adservice.google.com
14    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
securepubads.g.doubleclick.net
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
3    74.125.68.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f101.1e100.net
www.google-analytics.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
d-22684713342858665507.ampproject.net
2    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
adx.holmesmind.com
8    13.76.45.37 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
33    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
4    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
4    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
12    142.251.12.99 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f99.1e100.net
www.google.com
6    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
www.googletagservices.com
6    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
secure.quantserve.com
pixel.quantserve.com
3    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
48    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
cm.g.doubleclick.net
2    18.176.5.180 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-5-180.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
3    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    202.241.208.4 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
gdn.socdm.com
10    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
10    52.74.13.196 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
15    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    18.138.91.242 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-91-242.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
8    64.74.236.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    13.33.88.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-107.sin2.r.cloudfront.net
s.ad.smaato.net
38    139.99.49.250 (Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
2    52.76.217.175 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-217-175.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
38    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
4    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
21    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
8    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    13.251.111.79 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-111-79.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    23.50.119.72 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-119-72.deploy.static.akamaitechnologies.com
a.teads.tv
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
15    104.254.151.60 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    54.69.44.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-44-22.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
2    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    54.154.5.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    18.180.33.210 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-33-210.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    3.233.146.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-44.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
1    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
rules.quantcount.com
1    18.155.70.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-70-32.sin52.r.cloudfront.net
d2849lw36e7cot.cloudfront.net
1    139.5.86.127 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5317.casalemedia.com
10    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
6    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
5    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    18.155.68.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-53.sin52.r.cloudfront.net
aa.agkn.com
5    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    35.174.181.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-181-179.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
8    18.140.36.219 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-36-219.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
8    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
17    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
17    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    18.65.39.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-15.ams1.r.cloudfront.net
public.servenobid.com
12    23.50.118.44 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-118-44.deploy.static.akamaitechnologies.com
contextual.media.net
14    23.44.27.86 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-27-86.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
11    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    184.31.28.198 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-28-198.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
2    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
18    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    13.113.72.46 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-72-46.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    46.137.233.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-233-19.ap-southeast-1.compute.amazonaws.com
d.adroll.com
3    23.207.185.68 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-185-68.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    184.31.28.212 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-28-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    74.118.186.45 (Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
22    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
2    184.50.20.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-20-24.deploy.static.akamaitechnologies.com
cs.media.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
4    3.127.206.75 (None, )

ASN- ()
rtb.mfadsrvr.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    13.113.27.164 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-27-164.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
3    23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    13.33.88.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-40.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
4    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    52.95.118.179 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
5    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
1    35.74.106.211 (None, )

ASN- ()
sync.ad-stir.com
1    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    34.193.12.44 (None, )

ASN- ()
sync.ipredictive.com
1    129.80.94.115 (None, )

ASN- ()
sync.technoratimedia.com
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    13.251.231.199 (None, )

ASN- ()
ad.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
2    162.19.138.117 (None, )

ASN- ()
id5-sync.com
1    54.209.56.33 (None, )

ASN- ()
cs.emxdgt.com
1    80.77.87.163 (None, )

ASN- ()
cs.admanmedia.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
3    23.106.127.53 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
15    35.174.148.180 (None, )

ASN- ()
cs.minutemedia-prebid.com
1    18.140.14.246 (None, )

ASN- ()
match.sharethrough.com
1    8.2.110.134 (None, )

ASN- ()
cs.krushmedia.com
1    67.202.105.22 (None, )

ASN- ()
ssc-cms.33across.com
2    203.195.121.142 (None, )

ASN- ()
ads.betweendigital.com
12    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    220.150.223.50 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    18.179.187.167 (None, )

ASN- ()
dps.jp.cinarra.com
1    52.74.118.249 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    3.0.14.222 (None, )

ASN- ()
sync.crwdcntrl.net
2    119.9.108.180 (None, )

ASN- ()
uipglob.semasio.net
2    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
85 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com
9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
1 MB
77 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
557 KB
67 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.as.criteo.net — Cisco Umbrella Rank: 10234
csm.as.criteo.net — Cisco Umbrella Rank: 9735
613 KB
42 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 933
ads.pubmatic.com — Cisco Umbrella Rank: 741
image2.pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 996
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
41 KB
38 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
16 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1381
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
eus.rubiconproject.com — Cisco Umbrella Rank: 832
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2966
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1267
token.rubiconproject.com — Cisco Umbrella Rank: 858
pixel-us-east.rubiconproject.com
67 KB
30 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
htlb.casalemedia.com — Cisco Umbrella Rank: 760
a5317.casalemedia.com — Cisco Umbrella Rank: 404999
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
dsum.casalemedia.com — Cisco Umbrella Rank: 2369
28 KB
23 gumgum.com
usersync.gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2287
7 KB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
5 KB
18 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
8 KB
18 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 13019
ads.as.criteo.com — Cisco Umbrella Rank: 9458
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 10102
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 446
dis.criteo.com — Cisco Umbrella Rank: 903
193 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
9 KB
16 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5390
cs.minutemedia-prebid.com
9 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com — Cisco Umbrella Rank: 670
32 KB
16 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
grid.bidswitch.net — Cisco Umbrella Rank: 1377
7 KB
16 bg3.co
www.bg3.co — Cisco Umbrella Rank: 54371
static.bg3.co
18 KB
15 media.net
prebid.media.net — Cisco Umbrella Rank: 1875
contextual.media.net — Cisco Umbrella Rank: 788
cs.media.net — Cisco Umbrella Rank: 2232
19 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15457
e3.adpushup.com — Cisco Umbrella Rank: 17049
campaign.adpushup.com — Cisco Umbrella Rank: 47244
238 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2958
public.servenobid.com — Cisco Umbrella Rank: 5816
8 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 16201
u.openx.net — Cisco Umbrella Rank: 983
us-u.openx.net — Cisco Umbrella Rank: 698
jp-u.openx.net — Cisco Umbrella Rank: 6508
3 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 817
eb2.3lift.com — Cisco Umbrella Rank: 497
5 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
225 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
6 KB
10 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 679
6 KB
9 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2703
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085
rtb-csync.smartadserver.com
3 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
aax-eu.amazon-adsystem.com
5 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 775
5 KB
8 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 59899
2 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1325
ap.lijit.com — Cisco Umbrella Rank: 866
3 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1570
866 B
6 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
secure.quantserve.com — Cisco Umbrella Rank: 1458
pixel.quantserve.com — Cisco Umbrella Rank: 985
12 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
281 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27676
sync.aralego.com — Cisco Umbrella Rank: 4367
4 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 814
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 871
cm.adform.net Failed
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 674
956 B
4 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 926
570 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
2 KB
4 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6315
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1172
3 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1130
gdn.socdm.com — Cisco Umbrella Rank: 38271
4 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 11232
47 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
1 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 838
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 980
cdn.indexww.com — Cisco Umbrella Rank: 2921
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
15 KB
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5807
739 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
519 B
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
890 B
2 semasio.net
uipglob.semasio.net
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
856 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 creativecdn.com
creativecdn.com
701 B
2 id5-sync.com
id5-sync.com
3 KB
2 360yield.com
ad.360yield.com
623 B
2 contextweb.com
bh.contextweb.com
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1202
466 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3322
969 B
2 rfihub.com
p.rfihub.com
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 17090
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2193
15 B
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7600
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 762
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1256
795 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 893
786 B
2 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 16233
652 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 365810
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 943
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 21367
10 KB
1 iprom.net
core.iprom.net
279 B
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 ambientdsp.com
cm.ambientdsp.com
652 B
1 33across.com
ssc-cms.33across.com
501 B
1 krushmedia.com
cs.krushmedia.com
573 B
1 sharethrough.com
match.sharethrough.com
238 B
1 admanmedia.com
cs.admanmedia.com
660 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 inmobi.com
sync.inmobi.com
619 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 ad-stir.com
sync.ad-stir.com
355 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1938
667 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3635
419 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 444
666 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2169
181 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3008
173 B
1 cloudfront.net
d2849lw36e7cot.cloudfront.net
43 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1277
633 B
1 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 11108
234 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4327
518 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1583
502 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
1 KB
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 5383
218 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 914
720 B
1 ampproject.net
d-22684713342858665507.ampproject.net
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
597 113
Domain Requested by
48 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
www.bg3.co
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
47 pagead2.googlesyndication.com www.bg3.co
pagead2.googlesyndication.com
cdn.ampproject.org
ads.aralego.com
cdn.aralego.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.googletagservices.com
cdn.adpushup.com
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
d2849lw36e7cot.cloudfront.net
38 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
38 onetag-sys.com 7 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
33 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
22 usersync.gumgum.com contextual.media.net
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
21 pix.as.criteo.net ads.as.criteo.com
18 image8.pubmatic.com 16 redirects onetag-sys.com
cs-rtb.minutemedia-prebid.com
17 match.adsrvr.org 16 redirects cdn.adpushup.com
17 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
15 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
15 x.bidswitch.net 13 redirects onetag-sys.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
15 static.bg3.co www.bg3.co
15 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
cdn.adpushup.com
d2849lw36e7cot.cloudfront.net
14 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
d2849lw36e7cot.cloudfront.net
12 simage2.pubmatic.com 9 redirects ads.pubmatic.com
12 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
ssbsync.smartadserver.com
eus.rubiconproject.com
cs-rtb.minutemedia-prebid.com
12 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
11 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
11 ib.adnxs.com 8 redirects cdn.adpushup.com
acdn.adnxs.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
pagead2.googlesyndication.com
10 sync.1rx.io 10 redirects cs-rtb.minutemedia-prebid.com
10 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 sync.mathtag.com 10 redirects
10 ups.analytics.yahoo.com 8 redirects onetag-sys.com
9 pixel.rubiconproject.com 3 redirects onetag-sys.com
www.bg3.co
9 ssum-sec.casalemedia.com 4 redirects www.bg3.co
ssum-sec.casalemedia.com
js-sec.indexww.com
public.servenobid.com
9 adservice.google.com pagead2.googlesyndication.com
cdn.ampproject.org
securepubads.g.doubleclick.net
8 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
onetag-sys.com
eb2.3lift.com
www.bg3.co
8 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
8 csm.as.criteo.net ads.as.criteo.com
8 b1sync.zemanta.com 8 redirects
8 e3.adpushup.com www.bg3.co
8 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 odr.mookie1.com 6 redirects
6 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
5 image2.pubmatic.com 5 redirects
5 match.prod.bidr.io 5 redirects
5 us-u.openx.net 2 redirects u.openx.net
5 sync-tm.everesttech.net 5 redirects
5 c1.adform.net 5 redirects
5 pixel.tapad.com 4 redirects ads.pubmatic.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 token.rubiconproject.com 4 redirects
4 ap.lijit.com 3 redirects public.servenobid.com
4 rtb.mfadsrvr.com 4 redirects
4 sync.targeting.unrulymedia.com 3 redirects ads.pubmatic.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 secure.adnxs.com 4 redirects
4 id.rlcdn.com 2 redirects onetag-sys.com
4 ad.turn.com 4 redirects
4 rtb2-useast.e-volution.ai 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 adpushup-d.openx.net cdn.adpushup.com
4 cat.sg1.as.criteo.com ads.as.criteo.com
4 pm.w55c.net 4 redirects
4 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
4 ads.as.criteo.com googleads.g.doubleclick.net
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
4 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
www.bg3.co
3 stags.bluekai.com 3 redirects
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdnjs.cloudflare.com ads.as.criteo.com
3 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
3 tg.socdm.com 3 redirects
3 um.simpli.fi 3 redirects
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 creativecdn.com 2 redirects
2 id5-sync.com 2 redirects ssbsync.smartadserver.com
2 ad.360yield.com 2 redirects cs-rtb.minutemedia-prebid.com
2 bh.contextweb.com 2 redirects
2 csync.loopme.me 2 redirects
2 ce.lijit.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 js-sec.indexww.com ssum-sec.casalemedia.com
cdn.adpushup.com
2 i.clean.gg d2849lw36e7cot.cloudfront.net
2 dsp.adkernel.com 2 redirects
2 aa.agkn.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 ads.yieldmo.com 2 redirects
2 v9999.adv.admeme.net 2 redirects
2 adx.holmesmind.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cs.admanmedia.com 1 redirects cs-rtb.minutemedia-prebid.com
1 cs.emxdgt.com g2.gumgum.com
1 sync.inmobi.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 sync.ad-stir.com onetag-sys.com
1 sync.adotmob.com 1 redirects
1 s.company-target.com 1 redirects
1 aax-eu.amazon-adsystem.com www.bg3.co
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 fonts.gstatic.com fonts.googleapis.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 public.servenobid.com cdn.adpushup.com
1 fonts.googleapis.com cdnjs.cloudflare.com
1 tr.blismedia.com 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
1 s.tribalfusion.com 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 a5317.casalemedia.com cdn.adpushup.com
1 d2849lw36e7cot.cloudfront.net cdn.adpushup.com
1 rules.quantcount.com secure.quantserve.com
1 http-intake.logs.datadoghq.com cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 y.one.impact-ad.jp googleads.g.doubleclick.net
1 s.ad.smaato.net 1 redirects
1 gdn.socdm.com googleads.g.doubleclick.net
1 9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 campaign.adpushup.com www.bg3.co
1 b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-22684713342858665507.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 cm.adform.net Failed cs-rtb.minutemedia-prebid.com
0 sync.outbrain.com Failed g2.gumgum.com
0 cs.iqzone.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 sync.go.sonobi.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
597 171

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-24 -
2023-03-26		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-20 -
2023-03-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-21		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-26 -
2023-04-26		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2022-12-01 -
2023-03-01		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
cs.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh

This page contains 96 frames:

Primary Page: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Frame ID: EA54B674D7465E937723C93C7E5494A0
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: A94D00F625C06CB15829929C917FBA24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0FAF32D53A6606CAFA1AFFB8972B6C33
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3C2EC644BC39B77FBBF9F0699C3153DD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1672392505&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392504417&bpp=4&bdt=1271&idt=1531&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4854653267089&frm=20&pv=2&ga_vid=530218868.1672392506&ga_sid=1672392506&ga_hid=272360328&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071269%2C44780792&oid=2&pvsid=2647320976429856&tmod=67124949&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1555
Frame ID: 452C0ABE6E076E001E6D878827AB012F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8DB1FD1E41F7F5345985F2201E26AAE8
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7C8A1A43F33B39341EC5A828138F0D1E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Frame ID: 342B263021929B75EE61E18F267A36D6
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: F7870ADD11F918E60AF1903434854067
Requests: 8 HTTP requests in this frame

Frame: https://b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D1CF58A55CF049ABC1C5ECEF32817615
Requests: 1 HTTP requests in this frame

Frame: https://9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 74D3B55E4669B0C97F69CE5F99F9A9DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 60C6EFD3F3FFE195A990EA91D531245B
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 2BCAAA3E0097E7516E1894F5632CFEF1
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9AB403D31BDEE2FFF3ACDA80780868A
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Frame ID: 648F1D7A7C1A5A93648F24C7E096212C
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F1C50CF3FCC594E7CFE99C51CD7E08A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF77B96182235DFEBEAECB7B66F4F9F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E895676524A2508A99516ACC9C27AA84
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: 9595B6ED33431FDEF788BC2C9BA2125C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8C2BF601C95881BC24645018775D917
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 976E33B63B1BEE9AD56C6E7622CBD8B9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520749&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392511519&bpp=4&bdt=540&idt=410&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=7893217242726&frm=8&ife=1&pv=2&ga_vid=1872464899.1672392512&ga_sid=1672392512&ga_hid=1137247931&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166%2C31070202%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1047411241418837&tmod=1318328584&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.bl1gmrhpzn7f&fsb=1&dtd=426
Frame ID: 8C90E87410EF0248D56DD58415D9FA07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093737&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392511523&bpp=1&bdt=544&idt=432&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7893217242726&frm=8&ife=1&pv=1&ga_vid=1872464899.1672392512&ga_sid=1672392512&ga_hid=1137247931&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166%2C31070202%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1047411241418837&tmod=1318328584&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.oqzlz24tu6ic&fsb=1&dtd=437
Frame ID: A9A4DA8BAAEA9574CBF9D0FADA5C0574
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29BEE10853B7498E675B0A0D889194C5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FFE7D008909FD38929E271EAAF332FE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D711F304DD9DD623F0A17CE28A5C4ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42E38B9C3C85BD38D7CC9E7B876471EF
Requests: 2 HTTP requests in this frame

Frame: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E94080670C04C1299B0D90D8D75B840
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71204BE5F79F3B5B4C71F4675ABBE0A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43281FA3485C552A1EF032AD7A0893DF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7BC7D7A2E412CBF7DAFC7C43E3D3B00E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A45D719BE9C64B38DD63C88376BF74DB
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiebSduMSU4IVVrrs5C4R5hUrzLjzyPElp0PABnJ4KGbihzTeEajnkcjwNSbS1OAjBqy_SKNACiIM85zAcfqg1hHPL0QFObiX1pmSRMKpJNf8FyfSzzVLwAW5A7bGtrkFYF_4RC6p2LuQKgkPqpYsHeu_G0xyxHYFsCbuAwaecrReSU79McyBKFfquqK-r7IYSmrkeA1x-SH3KOwiSRxOWucBhjgv3X18dyYGAVkiGkN5geNLBfyUmN-NLZXn9hAbGKmsly7pbORIx_DmWsmI9b2MLh2-nIzZoDpuqGasVaajszj7A9iAoDxHu&sai=AMfl-YSvN-dl8pmvdzPkfvn2cUKI2SqtyGDzxsYO6OFIetraelq3IBj-s3Y3pw2V4C-DimRbTaJjLcxXlu6hocK_UVty09ZD07ja_7ldgLRGRfU_FJiAjw04T48op0pX2JS3qg&sig=Cg0ArKJSzC2-vmDNm2lXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4311ACEDB23E9C6BE330DC27CBA3EBC3
Requests: 10 HTTP requests in this frame

Frame: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 32C97B50F275812D253DFFE31502174E
Requests: 10 HTTP requests in this frame

Frame: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E74BF70220C827BCCF23359F2ED876C
Requests: 10 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 3AAC5DDB0EF5081DF6C825851DE1213C
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 449D24645B10812928BFDE8AB72579E3
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 2754ACF747576CA41AA5DC7213DCB801
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 980F1B3C865140DEF13699AE75F095A8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Frame ID: D37299F74141834779D20E0BD6EDEDF0
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Frame ID: 5C8A0B9031C7149C9F9529B2C4B0BD0F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B005BFBB6307579C21C45D21D390071
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 1A6F22066BF5105702B62006795646E6
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0D9FFAF9ABD8CCA4F869C38795006081
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4DFA0685B0E3A0F8D104724B19C9583E
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1672392511042
Frame ID: 5146DC8013ACEDC94D17232CF0460495
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79144E0AF65C8C605BD2A660C910854C
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 01A6204AC14F1152D66BC93E796C1CE0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: DE566167AE991F64625281D0248F3172
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3ED88A8B88D1388ED715243946A4249B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CD735456E537F6BBD954CF5E79E8C946
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 7975197A3B13E3077830673221006155
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 8B752E078E6E8CEC39FE9F87A4C62903
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=rkt&refUrl=&vid=23925174663153941177443632000V10&ovsid=2019090387663718195
Frame ID: 21FCDB1270A7DE0E396C1C43C83BF8F1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Frame ID: 9332F92D1C76B464756C5D28C2DB0EF9
Requests: 18 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: ABABA533D890FBB1C9FCA71F1FE37D0B
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7A29A3731383A8E30EF39D3A37A25EBF
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 677E1EE7F2C31D7DCE8B4FFEA703DD45
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1D07A64CDD7BBC36F416849228CB27A2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: E478D5133ED1DB68D6626722A6BA95B5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 9541BDC0F0C7BB9B5694DBF0599AB364
Requests: 2 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F3834302C5D71A1E8686D2EAF62D1867
Requests: 25 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-ab4fV40Q1g3ttONU4hzX-nYFrX-IP9fECsE00tFYzw
Frame ID: BCDB5C3C5786513C00E9FB9D1D6AEA8E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 912D361BF4AD4BD3CE99211EB813A091
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=7dcb16d6-9b28-4350-83ad-9d69d70817f1
Frame ID: 03E9AEAD968EC775290DBF6C895A4A4F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
Frame ID: 9BA2AF4252742498FBC8EC7FFFBB3B67
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
Frame ID: DCB79106B12E10DC9D0D3239F9B8FC03
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NTY4MzIzNS01NGM0LTRhNDAtYmE5YS03ZDE1NThiM2JiMjE=&gdpr=0&gdpr_consent=
Frame ID: 133D01DE9C0E279E361A59BE85DDDEAE
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 7606899B7B695865D92D92DA594F92C8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y66vPcCo8XwAAGleYTsAAAAA
Frame ID: 0F3B9ED601030446172D0AA52293086E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=a0603876-8a04-448b-961a-0664a96212b4
Frame ID: 8DD350BFA431962A7509DBE09BA3B8BA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y66vPTF3RFEf8C0cBH4YgwAA%264735
Frame ID: 8F0DF40E5C9425FA6D911D436385016E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=lNeQIFFvQ2SLFOL1zIbV&pi=gumgum&tc=1
Frame ID: 6078CF61B251E7C9109ACFB1E46B8AD3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EB0E73A73E7451DD18A5C9A1580684E7
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 0D588A7F5E09F8D6B42126FCFFC6B59E
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 6D286B660544982FF7BA75847E8BB9CD
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 5428DF3AAAA732B47BCB892FA98ED0AA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: F9FD8D16ECDB71109673AB6E3B97728E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 97AF543A5D23DD1781A5E1C634103F64
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 7FC8AE9775292B77D303D7BE8B814D3C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 23AC695D6FE1991869CB4781483FA879
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 53C15BE7C904D489E3BE7F528B23A934
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 5002A458F37CEF542FDF4A806573E95C
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 2742A4C7E1CE1BA7FB539AFA76D42954
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 2689CBA3FA80D956499D681DA6BB187A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: DC2441D1B21EF7908027BBE97E7AC5F8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 982F24D0B54DD954AE2EB1E9164DCF9E
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: F275F6E8D3F9D46885B59020078F405C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: 85298C9C50F3111B3090D75C97A2592D
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: B257E38AF1D092DF0B657EFF9786EA6B
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004
Frame ID: 4D994879B6E30895E4F471AF53CB773E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 68BB1585FDC73629005E9DCEA756CA78
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 843EA562E8C7FC5D5128C74C03570205
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A7660CBD6BAC9D1E02B37E37180C76C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: DEB83A606540F260BD30922349DDADA2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=pba&refUrl=&vid=23925174663153941177443632000V10&ovsid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Frame ID: D67029DB644465E4A2C129A5F039D76B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2023年,哪些賽事值得我們期待? - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

597
Requests

71 %
HTTPS

0 %
IPv6

113
Domains

171
Subdomains

109
IPs

12
Countries

3845 kB
Transfer

10015 kB
Size

150
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 67
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392506174&bpp=11&bdt=1273&idt=2110&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=1&ga_vid=818953196.1672392508&ga_sid=1672392508&ga_hid=1769939435&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4625&biw=1600&bih=1200&isw=336&ish=280&ifk=3499628791&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1892013495938508&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6t5zfdwrodw0&btvi=1&fsb=1&dtd=2125 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 98
  • https://um.simpli.fi/gp_match?google_gid=CAESEHTR_3V6xFJ_o9hR-dN025w&google_cver=1&google_push=AavPq0PqTkDgqzPrhF1CB2f0u_UAcLtkh9zhxHuHo1o5BGTVdxYWPlw1mv7bltZGaWk22RX9w5Tb1Xcjd-WfFWp0pcEsfGAIGYFcfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31CB8A23053C483D935929F708821FAF&google_push=AavPq0PqTkDgqzPrhF1CB2f0u_UAcLtkh9zhxHuHo1o5BGTVdxYWPlw1mv7bltZGaWk22RX9w5Tb1Xcjd-WfFWp0pcEsfGAIGYFcfw
Request Chain 99
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEFe6WYXF2S3Y5PbpBRfmPiA&google_cver=1&google_push=AavPq0Pljxb_yDaMlbUeZyslNFevx9ZaoPpFwtxCdRiIcFlSuwQQQMitxBMGveefvQ6Ieb-f55cGUkLIVKumynnotuY3TRVuFh5RsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Pljxb_yDaMlbUeZyslNFevx9ZaoPpFwtxCdRiIcFlSuwQQQMitxBMGveefvQ6Ieb-f55cGUkLIVKumynnotuY3TRVuFh5RsA
Request Chain 100
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEF3em4S9A2U-1xH7Vax0ElE&google_cver=1&google_push=AavPq0MNLqIQl0OQC441YglvF4IRm3AZ0jd6htCT5EqT6qC5PyS1kaVd-aOIeujKrLfCK-Mqb7NXg6-7pwwIXhggGEKky_z_lsyxzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTY2dlBjQ284WHdBQUdsZVlUc0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEByrDQFFEsp_8G9bJDGxm9w&google_cver=1
Request Chain 101
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_cver=1&google_push=AavPq0N5zbt_Atd9twIL25u0wooufSE6qw-_nLgY3xC4EjNyt1u215RrgMqyyW98-ZWyHeaCFMU0-xPQMxLSpy4OIpLp-O4D3BsW HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_push=AavPq0N5zbt_Atd9twIL25u0wooufSE6qw-_nLgY3xC4EjNyt1u215RrgMqyyW98-ZWyHeaCFMU0-xPQMxLSpy4OIpLp-O4D3BsW&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&google_nid=index&google_push=AavPq0N5zbt_Atd9twIL25u0wooufSE6qw-_nLgY3xC4EjNyt1u215RrgMqyyW98-ZWyHeaCFMU0-xPQMxLSpy4OIpLp-O4D3BsW
Request Chain 102
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECy-2XyhXYjfQfi62zS26D0&google_cver=1&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRpI-q-QnN6fcaRAe0Gd2OXb-HbCZDDw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECy-2XyhXYjfQfi62zS26D0&google_cver=1&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRpI-q-QnN6fcaRAe0Gd2OXb-HbCZDDw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hWDV2Wm01RTJ1RWZhbkdPaVhOZ3V3bzBkNkhISVpYWX5B&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRpI-q-QnN6fcaRAe0Gd2OXb-HbCZDDw
Request Chain 103
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIuNicz0S3Wy1NfTOATS9Qk&google_cver=1&google_push=AavPq0PohBr7f5CybueWPyHZc8Yg-Bnx9xf3ZRFIcAYqBLKWogm0W_KcxQZKMV7lhYo4RO33F8BRGDns9y1JBthLhmtQgJZJDJb2dmk HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIuNicz0S3Wy1NfTOATS9Qk&google_cver=1&google_push=AavPq0PohBr7f5CybueWPyHZc8Yg-Bnx9xf3ZRFIcAYqBLKWogm0W_KcxQZKMV7lhYo4RO33F8BRGDns9y1JBthLhmtQgJZJDJb2dmk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2d843f2c-c6f7-4311-a7de-e85a87b69e25&%%GOOGLE_PUSH_PAIR%%
Request Chain 117
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cver=1&google_push=AavPq0P_Izj0jgVfa_8AfYw8ntf-jbUOuWvw54L_LzaHaa16364dopgdwZ27QPcXM9GrxMGEZC-EDo-jljcGc8YWo2Ad89Rp7DHLLY5OTjAPA0Z1I8LtH9BBeBQvJBtO7Tl040JP5hdMgP3N2ym--VYzl10E HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cver=1&google_push=AavPq0P_Izj0jgVfa_8AfYw8ntf-jbUOuWvw54L_LzaHaa16364dopgdwZ27QPcXM9GrxMGEZC-EDo-jljcGc8YWo2Ad89Rp7DHLLY5OTjAPA0Z1I8LtH9BBeBQvJBtO7Tl040JP5hdMgP3N2ym--VYzl10E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlRLdmF1ZU4xUGJiR0s1&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cver=1&google_push=AavPq0P_Izj0jgVfa_8AfYw8ntf-jbUOuWvw54L_LzaHaa16364dopgdwZ27QPcXM9GrxMGEZC-EDo-jljcGc8YWo2Ad89Rp7DHLLY5OTjAPA0Z1I8LtH9BBeBQvJBtO7Tl040JP5hdMgP3N2ym--VYzl10E
Request Chain 118
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEIGxlitbmT_B4bSjDJJhWCI&google_cver=1&google_push=AavPq0NVC5M46vjCSMAmawKj7kjxZFTT1T_iHosxzG3iNMqWQANkMh0wxS2oGOp26TQy1-3aLqOzWBobMWO7ZfK81e5BmD7R8rGxKaOJiy18pnxIOhU32iOgbQ0D_pTgB91RhMOHm_tP9Rzi-TiaaN1UEpr3ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0NVC5M46vjCSMAmawKj7kjxZFTT1T_iHosxzG3iNMqWQANkMh0wxS2oGOp26TQy1-3aLqOzWBobMWO7ZfK81e5BmD7R8rGxKaOJiy18pnxIOhU32iOgbQ0D_pTgB91RhMOHm_tP9Rzi-TiaaN1UEpr3ag&google_hm=gsTMyvPGTVKBGRdWKDs7e8Q
Request Chain 119
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHHdlhknNZ5P1d1R4VPS1-8&google_cver=1&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO9X1nYqHlFE1AfdR2FBel1rxtpqtvwkbvdP6Ez5em6qWpK3tZF5IWJIxQVFoKF_q-Qt6xlGowQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHHdlhknNZ5P1d1R4VPS1-8&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO9X1nYqHlFE1AfdR2FBel1rxtpqtvwkbvdP6Ez5em6qWpK3tZF5IWJIxQVFoKF_q-Qt6xlGowQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO9X1nYqHlFE1AfdR2FBel1rxtpqtvwkbvdP6Ez5em6qWpK3tZF5IWJIxQVFoKF_q-Qt6xlGowQ&google_hm=QTNDUDAwWm9INEJMOEFIWi1IT1o=
Request Chain 120
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENCuLRBJJWbZGH7-bQUITIA&google_cver=1&google_push=AavPq0NfXAiNxHBOg9Z_61y10MVrFmciASJFVYKdBcZOzqqLrmh8RhbBOAtOjn_cEGgTXdkseR6pOWWgHLQaH93RBo9VZWfEZX4zalEc2shl0zvTkskW_v8AcltbCVdFL4hPLmY46G2IhkVcpxoZ_TriwaG4Zw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fd6ddd27&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0NfXAiNxHBOg9Z_61y10MVrFmciASJFVYKdBcZOzqqLrmh8RhbBOAtOjn_cEGgTXdkseR6pOWWgHLQaH93RBo9VZWfEZX4zalEc2shl0zvTkskW_v8AcltbCVdFL4hPLmY46G2IhkVcpxoZ_TriwaG4Zw
Request Chain 121
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHFt5pAPEJqbJFiEzXMDs60&google_cver=1&google_push=AavPq0PnMTQwxJrErTBskdXoLvGfJNWUAicFlLU7oiPjDseeM1fcx4BE5M-FrSsqTtN5rXA6MPUCKdhGcSz-IS8BONwCAFtPUrTtdR8wARto-kiGLI_yw3eQ3DC_ToaifFV3drrOLlGn51rWglubDk8hxlZQsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJciqOvwZ6TE9p-dYOakVtO3wVcYhFvTg&google_push=AavPq0PnMTQwxJrErTBskdXoLvGfJNWUAicFlLU7oiPjDseeM1fcx4BE5M-FrSsqTtN5rXA6MPUCKdhGcSz-IS8BONwCAFtPUrTtdR8wARto-kiGLI_yw3eQ3DC_ToaifFV3drrOLlGn51rWglubDk8hxlZQsQ
Request Chain 122
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEEf_ghogWvFHOGo-PIeebBQ&google_cver=1&google_push=AavPq0NfrlFKX-82nCuJYj0kvNIiTbHfnrK56ZZ3DPR4eTVAsVbEGxBmquFGWhNhg9DWgzV9isTI7pcYEinHUrQLzASatT2rERkjtRgeZj5FZILtNu-NezKqx1Cj8C0uMx0sXb3VxX9oec06QwViikkkfRw_HQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NfrlFKX-82nCuJYj0kvNIiTbHfnrK56ZZ3DPR4eTVAsVbEGxBmquFGWhNhg9DWgzV9isTI7pcYEinHUrQLzASatT2rERkjtRgeZj5FZILtNu-NezKqx1Cj8C0uMx0sXb3VxX9oec06QwViikkkfRw_HQ&google_hm=Z2I3N2ZjMDU4ODI5YTc4MzUwZjU=
Request Chain 173
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392509870&bpp=13&bdt=312&idt=415&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=7893217242726&frm=8&ife=1&pv=2&ga_vid=169630223.1672392510&ga_sid=1672392510&ga_hid=728099514&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44777876%2C44774648%2C42531848%2C44774652%2C44780792&oid=2&pvsid=1659567851031227&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.y11scm4ax2qd&fsb=1&dtd=424 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECrt47MbFZ4VfWNTSoTyq_g&google_cver=1&google_push=AavPq0Ns2wXY0MUMdLR6jBp1GR9bf_Eiri9adRQKaYDlLZ9PvtGUsNWr1wpLPlt196k7bOSQIw28NPw0quc8oQ_pSI_SSKrwhPdwinSFvLeNoqEaP1CWhdca7pPdh13a62rEJR_eEPVHgKqGDg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0Ns2wXY0MUMdLR6jBp1GR9bf_Eiri9adRQKaYDlLZ9PvtGUsNWr1wpLPlt196k7bOSQIw28NPw0quc8oQ_pSI_SSKrwhPdwinSFvLeNoqEaP1CWhdca7pPdh13a62rEJR_eEPVHgKqGDg
Request Chain 283
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDxZZph1w4xVSER-W93wqs0&google_cver=1&google_push=AavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxZZph1w4xVSER-W93wqs0&google_cver=1&google_push=AavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 285
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWoo9Wpkm_iGz_RDxU00Qw&google_cver=1&google_push=AavPq0OxcRdTW1htC43OXAFW8dga74mwekM8Emmn01krNN3LgRdO4VdRJ-nbDBNxbsBw6vtDriBVR802iBSjclVUpDhysTFw3g-Fx_LxnTHByQkY6hsaMgZPJThFe1OtJPdvgimcF-lEBG97 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d843f2c-c6f7-4311-a7de-e85a87b69e25&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524630856467605591&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524630856467605591&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=55fe6a3e-3974-4bc6-9844-040055253860&ssp=google&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524630856467605591&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209030804381002976900&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524630856467605591&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr&google_hm=LYQ_LMb3QxGn3uhah7aeJQ==
Request Chain 286
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKbLqh7SHBItnrQOCyzYZpdxA46L9nkhIcmi3LcfZoMfK5tPF81vlleIpb1q-_qbYOo7oSA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKbLqh7SHBItnrQOCyzYZpdxA46L9nkhIcmi3LcfZoMfK5tPF81vlleIpb1q-_qbYOo7oSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5MDk0NDE2MTgyMzUwMTE0Mw&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKbLqh7SHBItnrQOCyzYZpdxA46L9nkhIcmi3LcfZoMfK5tPF81vlleIpb1q-_qbYOo7oSA
Request Chain 287
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGN8S8CDglAcgFZ24mTm-i0&google_cver=1&google_push=AavPq0PR8lp3yQx-eMob-wny9VK-q56JRS3RWACBul0rFUWaaMmzg9M6XJAXRgRFgNEPRam506lzWXhlr_5rFi0PqzvEju2vnWP_n8wVn7IIdLlOfzWye7lEWnKPAYPxrJyo1j9M68lMksZ17w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IFDNZVgrTI5jDdU-QSuc2HRaSsQ&google_push=AavPq0PR8lp3yQx-eMob-wny9VK-q56JRS3RWACBul0rFUWaaMmzg9M6XJAXRgRFgNEPRam506lzWXhlr_5rFi0PqzvEju2vnWP_n8wVn7IIdLlOfzWye7lEWnKPAYPxrJyo1j9M68lMksZ17w
Request Chain 288
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLANmZvOJgZ1n84npY0AFyl5Z7JXqLEva2SLtEWTQvUvN_HjaG3asYGcVk-0-lN_S5W2FY HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHvACWCUWlSFiqxC715cdd0%26google_cver%3D1%26google_push%3DAavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLANmZvOJgZ1n84npY0AFyl5Z7JXqLEva2SLtEWTQvUvN_HjaG3asYGcVk-0-lN_S5W2FY HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4306154470455869931&exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLANmZvOJgZ1n84npY0AFyl5Z7JXqLEva2SLtEWTQvUvN_HjaG3asYGcVk-0-lN_S5W2FY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQzMDYxNTQ0NzA0NTU4Njk5MzE&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLANmZvOJgZ1n84npY0AFyl5Z7JXqLEva2SLtEWTQvUvN_HjaG3asYGcVk-0-lN_S5W2FY
Request Chain 297
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECrt47MbFZ4VfWNTSoTyq_g&google_cver=1&google_push=AavPq0P_O2p21hOWdS6G8mKaVLC5w9umTUlu8yu7k7nFbIZTkDnI4k2HZ__0Z8s50q-KK82pczvt8nwKNl5neiRrlThJyEeEoPAISi9T4aTe3py_n7upl5H4e7O1E1Mo-jdeUr88TKIT5ZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P_O2p21hOWdS6G8mKaVLC5w9umTUlu8yu7k7nFbIZTkDnI4k2HZ__0Z8s50q-KK82pczvt8nwKNl5neiRrlThJyEeEoPAISi9T4aTe3py_n7upl5H4e7O1E1Mo-jdeUr88TKIT5ZQ
Request Chain 298
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEODyR4GXST1JV3X993dpea0&google_cver=1&google_push=AavPq0PSIrQHsGL0ut_DFokUOFYNSvTIpYgrMwXsIbaHoMKfnCxjDSyIYqpRk0kWiqKXPvjDcno_quVDalK0xWqP5iXXCfeNDsyroWYldnk5PPeRA1bGV7O2ZXhU3BsZBH2g3ezTxA0heefu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0PSIrQHsGL0ut_DFokUOFYNSvTIpYgrMwXsIbaHoMKfnCxjDSyIYqpRk0kWiqKXPvjDcno_quVDalK0xWqP5iXXCfeNDsyroWYldnk5PPeRA1bGV7O2ZXhU3BsZBH2g3ezTxA0heefu
Request Chain 299
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWoo9Wpkm_iGz_RDxU00Qw&google_cver=1&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr&google_hm=LYQ_LMb3QxGn3uhah7aeJQ==
Request Chain 300
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP3OHHNwOwOd_b5ucdANEIs&google_cver=1&google_push=AavPq0MkqggKPhDZ1VGozLQHMmE7-QZ5HW5DeKMCcLabzk8SBu13rz9KJ6l7T4eV6y8D7zIrrYI0sq5NRIojqswC107UWuQ52L6um-2sv7-UJfIKuQ5oCsMjqYiJfgySDlFMN_U17VidwqJ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MkqggKPhDZ1VGozLQHMmE7-QZ5HW5DeKMCcLabzk8SBu13rz9KJ6l7T4eV6y8D7zIrrYI0sq5NRIojqswC107UWuQ52L6um-2sv7-UJfIKuQ5oCsMjqYiJfgySDlFMN_U17VidwqJ_&google_hm=eS1WcjZEUlNCRTJwRzlyT2pMNWRuWklfTkJGRTNDNGlYYn5B
Request Chain 301
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9UN4KOAyEaKOZoEniHNu6atTllgj9gqWzsOaVy40JGWyQoDS42TeyU4H3kpunDhXGkQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9UN4KOAyEaKOZoEniHNu6atTllgj9gqWzsOaVy40JGWyQoDS42TeyU4H3kpunDhXGkQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcyMDkwODM0OTY0MTMxMDI1MQ&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9UN4KOAyEaKOZoEniHNu6atTllgj9gqWzsOaVy40JGWyQoDS42TeyU4H3kpunDhXGkQ
Request Chain 302
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGN8S8CDglAcgFZ24mTm-i0&google_cver=1&google_push=AavPq0PKvHD4exuxt2mivA8ilpoURMtzN2kKMPxUVXyWShZQK-hJVUQRZ0Xfvtsvva69-kHdFUY1sHw0Dy5g7sw_L7UZsIUEz5QSBrbHd4jxGpxxKs_sHDTCX6trDosE15u3aZfXjSLtwd6v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=gcsvoJ9XRD10C8jnXKRPPXRaSsQ&google_push=AavPq0PKvHD4exuxt2mivA8ilpoURMtzN2kKMPxUVXyWShZQK-hJVUQRZ0Xfvtsvva69-kHdFUY1sHw0Dy5g7sw_L7UZsIUEz5QSBrbHd4jxGpxxKs_sHDTCX6trDosE15u3aZfXjSLtwd6v
Request Chain 303
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3_K0FXX7wy4v7pLL_gwNbDpj8hd0wGA24U8XtGHnM0RVgUFl_Tc5hfiZJ7HbiEwl4 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHvACWCUWlSFiqxC715cdd0%26google_cver%3D1%26google_push%3DAavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3_K0FXX7wy4v7pLL_gwNbDpj8hd0wGA24U8XtGHnM0RVgUFl_Tc5hfiZJ7HbiEwl4 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A256220992459480452&exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3_K0FXX7wy4v7pLL_gwNbDpj8hd0wGA24U8XtGHnM0RVgUFl_Tc5hfiZJ7HbiEwl4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1NjIyMDk5MjQ1OTQ4MDQ1Mg&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3_K0FXX7wy4v7pLL_gwNbDpj8hd0wGA24U8XtGHnM0RVgUFl_Tc5hfiZJ7HbiEwl4
Request Chain 338
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&dcc=t
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
Request Chain 340
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y66vPTF3RFEf8C0cBH4YgwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOromDeMlzFH87w9ZiCv9wY&google_cver=1
Request Chain 341
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&expiration=1674984516&gdpr=0&gdpr_consent=
Request Chain 342
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=319263ae-af44-4400-817a-36c11968c700
Request Chain 344
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FTKvaueN1PbbGK5
Request Chain 345
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y66vRAAH5LY5dAAp HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y66vRAAH5LY5dAAp&_test=Y66vRAAH5LY5dAAp
Request Chain 359
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 372
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 376
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4116065103529878963&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 377
  • https://match.adsrvr.org/track/cmf/openx?oxid=4ae4301f-d56a-7335-e839-882826677159&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=4ae4301f-d56a-7335-e839-882826677159&gdpr=0&gdpr_consent=
Request Chain 378
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y66vPcCo8XwAAGleYTsAAAAA
Request Chain 379
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af0ZLHbrm4PHks8ADzLRiXkAF88AAAGFYlyo0Q
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAN5hgmVGLpViyirO_7Jssg&google_cver=1
Request Chain 383
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
Request Chain 385
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
Request Chain 387
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcp70X4VuzuUy9AKT5qj4qf7nuD3TWag
Request Chain 389
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMXeup0GEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 390
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
Request Chain 393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
Request Chain 398
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
Request Chain 399
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
Request Chain 400
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
Request Chain 401
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFSoE7HXV8AACAQYU-Mkg&expiration=1673602118
Request Chain 403
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7886676477272632521
Request Chain 404
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=W7JC-AznEPlAuBf-WrMOpF6yFqlAthL4X7NNr8nb
Request Chain 405
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=A3CP00ZoH4BL8AHZ-HOZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2QJTINIDAMC2N5EDIQSMHBAUQWRNJBHVU HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2QJTINIDAMC2N5EDIQSMHBAUQWRNJBHVU HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=A3CP00ZoH4BL8AHZ-HOZ
Request Chain 408
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 409
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Drkt%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=rkt&refUrl=&vid=23925174663153941177443632000V10&ovsid=2019090387663718195
Request Chain 411
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dapx%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=apx&refUrl=&vid=23925174663153941177443632000V10&ovsid=7886676477272632521
Request Chain 412
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dopx%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=opx&refUrl=&vid=23925174663153941177443632000V10&ovsid=82c85980-7e6a-49d5-8b76-f6469488e385
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dmma%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=mma&refUrl=&vid=23925174663153941177443632000V10&ovsid=319263ae-af44-4400-817a-36c11968c700
Request Chain 414
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dr1%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dr1%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D%5BRX_UUID%5D&cb=1672392518457 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8724952385 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-06b2d434-da93-4867-903e-6567c80fe655-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE1Mzk0MTE3NzQ0MzYzMjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFsz2aA5Hy2F98Yr3d5CGSw&google_cver=1
Request Chain 416
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=dxu&refUrl=&vid=23925174663153941177443632000V10&ovsid=FTKvaueN1PbbGK5
Request Chain 417
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bac0fb1c-b88f-43a6-9270-f1c3fe4ba1e9
Request Chain 418
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=319263ae-af44-4400-817a-36c11968c700&expires=30&ssp=medianet&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 419
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dzem%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=A3CP00ZoH4BL8AHZ-HOZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKBGNBVAMBQLJXUQNCCJQ4ECSC2FVEE6WRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDGOJSGUYTONBWGYZTCNJTHE2DCMJXG42DIMZWGMZDAMBQKYYTAJTWONUWIPJTGE2TGOJUGEYTONZUGQZTMMZSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKBGNBVAMBQLJXUQNCCJQ4ECSC2FVEE6WRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDGOJSGUYTONBWGYZTCNJTHE2DCMJXG42DIMZWGMZDAMBQKYYTAJTWONUWIPJTGE2TGOJUGEYTONZUGQZTMMZSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=A3CP00ZoH4BL8AHZ-HOZ&refUrl=&type=zem&vid=23925174663153941177443632000V10&vsid=3153941177443632000V10
Request Chain 420
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3153941177443632000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3153941177443632000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=d4f65e1b-7a32-4d9a-b16a-f123d928901b&cs=1
Request Chain 421
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7dcb16d6-9b28-4350-83ad-9d69d70817f1
Request Chain 423
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&dongle=0cfd
Request Chain 424
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2MTE0NTcyODg5NzAxNjI5MDg5Mw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFRedUCFrKVJiAaCaSylHfc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 426
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2MTE0NTcyODg5NzAxNjI5MDg5Mw%3D%3D
Request Chain 427
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3161145728897016290893&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3161145728897016290893&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 428
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3161145728897016290893&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e43d13f1-0e7c-4f22-8ca6-a3a7983a039f&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 429
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3161145728897016290893?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NuUSktlE2oSfk0YgpKiVxEMlky8VQXJLnrUKw3hrdQ--~A&dongle=0883
Request Chain 432
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7886676477272632521&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 438
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7886676477272632521
Request Chain 442
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
Request Chain 443
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
Request Chain 444
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1672392518458 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6301328728 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-06b2d434-da93-4867-903e-6567c80fe655-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
Request Chain 445
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759395183683064
Request Chain 447
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7841%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dab05a955-391b-459a-b965-dadd9b411dff%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 448
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
Request Chain 449
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUyAhoMOAE=
Request Chain 450
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
Request Chain 452
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zaMh8gob6hmNbMrG3p6dIQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQCpJmlE2oK6fS7kdTx85IZOJya8yxUpYpJigQ--~A
Request Chain 453
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBQkJLV0ItWi1FTUFL
Request Chain 454
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=&expires=30
Request Chain 455
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTFlMWQ1NGQzMDYxYjVlMGVjNzJhNmNhZGMwZGNiZTU1ZDQ4OTJiYg
Request Chain 457
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCABBKWB-Z-EMAK
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEENgS2T0PI2xt50O-vPkdm0&google_cver=1
Request Chain 459
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pcSCYo82Q1yrFuJnQVoDJQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pcSCYo82Q1yrFuJnQVoDJQ
Request Chain 460
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=31CB8A23053C483D935929F708821FAF
Request Chain 461
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688117318&external_user_id=38891fe1-b719-4719-b0a1-3a8095632825
Request Chain 462
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=66a60719-4a3e-4ba2-aabc-5ceac54ee5e7&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 463
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 464
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
Request Chain 465
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
Request Chain 466
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKZ3U7HXV8AACBhxMcsag&expiration=1673602118
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
Request Chain 469
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcq4eooBEI7KgbIqNDYMfGyT6b_gGbWQ
Request Chain 471
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
Request Chain 472
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LCABBKWB-Z-EMAK&gdpr=0
Request Chain 473
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7886676477272632521
Request Chain 475
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1363465109712402442
Request Chain 476
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
Request Chain 477
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzk2RkMxOUItNEZDMi00NzMyLUFFMTctREUzQjQ3NTE3NDhF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 478
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
Request Chain 479
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
Request Chain 480
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-DDuSW69E2pmaaNIIk_UgB3Kh9baUwG9DG7eHww--~A&expires=5 HTTP 302
  • https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Request Chain 485
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7886676477272632521
Request Chain 486
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d843f2c-c6f7-4311-a7de-e85a87b69e25&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524630856467605591&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=55fe6a3e-3974-4bc6-9844-040055253860&ssp=gumgum2&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524630856467605591&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209030804381002976900&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524630856467605591&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Request Chain 487
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-81cb2fa0-9f57-443d-740b-c8e75ca44f3d$ip$116.90.74.196
Request Chain 488
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=A3CP00ZoH4BL8AHZ-HOZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QJTINIDAMC2N5EDIQSMHBAUQWRNJBHVUJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QJTINIDAMC2N5EDIQSMHBAUQWRNJBHVUJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=A3CP00ZoH4BL8AHZ-HOZ&us_privacy=1---
Request Chain 489
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7700803618 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-06b2d434-da93-4867-903e-6567c80fe655-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
Request Chain 490
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Zy4mgODCQ0qo&ev=1&pid=558355
Request Chain 491
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&obuid=ENC(yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=outbrain HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7720908349641310251&ssp=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 492
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=bdd9946f-fd7f-4b63-8f42-98c5ee37701f
Request Chain 493
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ecKrbHtE2pfhl9ntyRhA.GA.M.p2LFf.cDg9~A
Request Chain 494
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b944d645-b836-4ea7-8708-858753f499c7
Request Chain 497
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=ea89f0d2-e720-4ba7-9469-f83b7b497c05
Request Chain 498
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1363465109712402442
Request Chain 500
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-ab4fV40Q1g3ttONU4hzX-nYFrX-IP9fECsE00tFYzw
Request Chain 502
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=7dcb16d6-9b28-4350-83ad-9d69d70817f1
Request Chain 503
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
Request Chain 504
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
Request Chain 507
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y66vPcCo8XwAAGleYTsAAAAA
Request Chain 508
  • https://cs.admanmedia.com/sync/gumgum?puid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=a0603876-8a04-448b-961a-0664a96212b4
Request Chain 509
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y66vPTF3RFEf8C0cBH4YgwAA%264735
Request Chain 510
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=lNeQIFFvQ2SLFOL1zIbV&pi=gumgum&tc=1
Request Chain 511
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 513
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-0273GgMaPHM0vv5-sX-A4WF4kSoAlnO-QwaDay_xpQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=1363465109712402442&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttl=%%TTL%%
Request Chain 514
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
Request Chain 515
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFSoE7HXV8AACAQYU-Mkg&gdpr=0
Request Chain 516
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Fgj7UEFdqVENAq5WFwm3DBMIrwENDKtQEgnomJGv
Request Chain 517
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LCABBKWB-Z-EMAK HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCABBKWB-Z-EMAK
Request Chain 519
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LCABBKWB-Z-EMAK HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LCABBKWB-Z-EMAK
Request Chain 521
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=efeb723d-ce41-4028-876a-068deba28960
Request Chain 522
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=myFgbsQ2zowa&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 523
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=7886676477272632521
Request Chain 524
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUyAhoMOAE=
Request Chain 525
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=2a1d3d35-d9c5-4de5-aa00-77f5e1a3d0a3&gdpr=0
Request Chain 526
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gb77fc058829a78350f5&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 527
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=6c5b13b5-d5ac-4eb2-999d-d636ba0bd86e
Request Chain 528
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=F5t4CLZHazrZKzetQMCLBzQQ
Request Chain 529
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212067299787330
Request Chain 530
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y66vPTF3RFEf8C0cBH4YgwAA%264735
Request Chain 531
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A&gdpr=0&gdpr_consent=
Request Chain 533
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F24719%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dab05a955-391b-459a-b965-dadd9b411dff%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Request Chain 534
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=53d04e48-35bc-546c-bdfd-b5a5de531aed
Request Chain 535
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminutemedia%26bsw_param%3D2d843f2c-c6f7-4311-a7de-e85a87b69e25%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=fb475f908c424b1395636f13194f4283&ssp=minutemedia&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&consent=&gdpr_pd=&expires=7
Request Chain 536
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3161145728897016290893
Request Chain 537
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1363465109712402442&gdpr=0&gdpr_consent=
Request Chain 546
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 547
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 548
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 549
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=ydptrwpgj4u HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 550
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7886676477272632521&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 551
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDJGdH9nFHUzOBNyKTMKKC0yEiUzNhZ0LDO4HUeK HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 552
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 553
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gcsvoJ9XRD10C8jnXKRPPXRaSsQ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 557
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=82c4cccaf3c64d5281191756283b3b7b HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 559
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FTKvaueN1PbbGK5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 561
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5602659928 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004
Request Chain 565
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 567
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uvr6lCmHQmq92geOENFiPg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 568
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BAFAFA94-2987-426A-BDDA-078E10D1623E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=55fe6a3e-3974-4bc6-9844-040055253860%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=55fe6a3e-3974-4bc6-9844-040055253860%2C
Request Chain 569
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent=&ct=y
Request Chain 570
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BAFAFA94-2987-426A-BDDA-078E10D1623E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BAFAFA94-2987-426A-BDDA-078E10D1623E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 571
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkFGQUZBOTQtMjk4Ny00MjZBLUJEREEtMDc4RTEwRDE2MjNF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 572
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEaLVoynjs7ojHhsZWScCIY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 573
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:31CB8A23053C483D935929F708821FAF HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 575
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Request Chain 576
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T2n4PpJE2uVa8pVcLRjXyFp.e7wjvG8-~A&gdpr=0&gdpr_consent=
Request Chain 577
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2d843f2c-c6f7-4311-a7de-e85a87b69e25 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2d843f2c-c6f7-4311-a7de-e85a87b69e25 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f23ba59c-2964-4b6a-912d-a9584ec3c03d&user_group=1&ssp=pubmatic&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Request Chain 578
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7720908349641310251
Request Chain 579
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4044007509491951027&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 581
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7886676477272632521
Request Chain 584
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcr6tG7p4mJBJo_rGTPzLTMd871P9Knw
Request Chain 587
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
Request Chain 588
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
Request Chain 591
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
Request Chain 594
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
Request Chain 597
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LCABBKWB-Z-EMAK HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LCABBKWB-Z-EMAK
Request Chain 599
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LCABBKWB-Z-EMAK HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCABBKWB-Z-EMAK

597 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
www.bg3.co/a/ 		58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a8878aa26259f8131ab94f61451f59cc0e240f7d45fd5b31a8d988050bdb1f9c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Dec 2022 09:28:22 GMT
ETag
"e603-P2vKHcDqsA8vW/GmyKBN9QOYxUE"
Expires
Fri, 30 Dec 2022 10:28:22 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
889c8dd97d82a778b37300d54b338cd093040b2aacc208df8b2c4f5896bde98e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 09:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72681
x-xss-protection
0
server
sffe
etag
"0f8f5d9d8c9a8fd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Dec 2022 09:28:23 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
74a728f3606e8e792cd0959126c33a0d15aa2c047e20efc083aecf408ee16fce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 09:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9654
x-xss-protection
0
server
sffe
etag
"4b66d6f91d1262b7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Dec 2022 09:28:23 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
7b803ad1dd4b7e46b45dfa6f3cdf42053ae31b0ca7e1ed7cc71ed2d098324ebd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 09:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"68f3175abba6e2b9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Dec 2022 09:28:23 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
321b3e630cd5162192ca9753f956dda11f61aba3f45c8265d4604e41257c60a7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 09:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"a9a002bfa741eb92"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Dec 2022 09:28:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d9e90811c7cc99535eb1731c2d056f64db946e0b9588d1b3c49c8d0ab2e21e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49320
x-xss-protection
0
server
cafe
etag
8739477175739285009
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:23 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10792
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45472
last-modified
Wed, 21 Dec 2022 06:32:06 GMT
server
cloudflare
etag
"63a2a866-b1a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFjFqjvLF4M6xecIl%2FCv1IZ9QFTdXnmMiZD0YsXDjivl6y3sZVyOkogvQ8M32mkLtm2CcRWpMdN49zOqtoc%2F7WW4GG0ynXt24jbU2JZOWClA7MdyC3kosPWVm6Lv%2B%2BVW1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7819bec20c6aa95b-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:24 GMT
content-encoding
br
last-modified
Fri, 30 Dec 2022 08:00:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
NZ
content-length
9215
expires
Fri, 30 Dec 2022 10:28:24 GMT
adpushup.js
cdn.adpushup.com/42753/ 		525 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
03e6eea86f4b1b3d4b201bf65fdc934dbdf58ef3a0cbd691120ad95b8cc3f4cf

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:24 GMT
content-encoding
br
last-modified
Thu, 29 Dec 2022 10:23:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
x-cf-geodata
NZ
content-length
116652
expires
Fri, 30 Dec 2022 10:28:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
67ad5d1cae6d7b82fe6ba4008533dd6cf753d57af7cfc5d2a0aae08de058756d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119955
x-xss-protection
0
server
cafe
etag
3328174732651894141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame A94D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
73844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 12:57:41 GMT
etag
10353107486223812946
expires
Thu, 12 Jan 2023 12:57:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
84a2feeecad00b4f77b220b141e94fee.jpg
static.bg3.co/imgs/202212/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202212/84a2feeecad00b4f77b220b141e94fee.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4fd3b0481bf134ee0efc6bfab4d5200f.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4fd3b0481bf134ee0efc6bfab4d5200f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3f30a3eb59bbeec3fe7ed56b7443060a.jpg
static.bg3.co/imgs/202211/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202211/3f30a3eb59bbeec3fe7ed56b7443060a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
00dacf9427a79118b0900c317d7533b8.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/00dacf9427a79118b0900c317d7533b8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
04679f71a5353d471fb2734b26d5792d.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/04679f71a5353d471fb2734b26d5792d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
69f1e4d67d339210f2922970df98cc21.jpg
static.bg3.co/imgs/202201/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/69f1e4d67d339210f2922970df98cc21.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
807ef53126bfcc5e50ff2d76c4221470.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/807ef53126bfcc5e50ff2d76c4221470.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
03b5fefa9e62d6c791c8f34e44aba2af.jpg
static.bg3.co/imgs/202212/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202212/03b5fefa9e62d6c791c8f34e44aba2af.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7c7357a333b3f9af3501219a3201f7bd.jpg
static.bg3.co/imgs/202212/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202212/7c7357a333b3f9af3501219a3201f7bd.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
996a8d1569ad1df7b88e319a777a8846.jpg
static.bg3.co/imgs/202206/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202206/996a8d1569ad1df7b88e319a777a8846.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1644dadde6b663f31eb9ff5268aed6ff.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1644dadde6b663f31eb9ff5268aed6ff.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
65541b633735c6c0368a583b2282cc14.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/65541b633735c6c0368a583b2282cc14.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3ea4b6a59c8ba3059fb50f2cd8c0cb9f.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3ea4b6a59c8ba3059fb50f2cd8c0cb9f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fc3df509db50a7c8975b2abd587531bc.jpg
static.bg3.co/imgs/202109/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/fc3df509db50a7c8975b2abd587531bc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0aa0fdc11c230d5d54f347d2852681ad.jpg
static.bg3.co/imgs/202212/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202212/0aa0fdc11c230d5d54f347d2852681ad.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d890adb2cee66d5527d37756a7c31451767903ffcc0f7063cb923043db885c25
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 00:32:48 GMT
age
204939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
server
sffe
etag
"2822a89a04832126"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 00:32:48 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
37f6ae60595a0d47a07f29de8025c7f9023ede6b23230df0af72a9698c7ca849
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 00:32:48 GMT
age
204939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23078
x-xss-protection
0
server
sffe
etag
"e8aa1933667594a4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 00:32:48 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
bc32880b79418d26e0086d338a2c349a23190a91d9511a9bbc5e2e1cdbc19dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
477
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
17ad2ba9644dc2e2245219e384abf35638308374aad83151d64b9af2cd0d7e7d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 00:32:48 GMT
age
204939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3930
x-xss-protection
0
server
sffe
etag
"e11794ea739ab772"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 00:32:48 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10903
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BLyZeTfeYZ39Iy82CiWs%2FWr309lOi42wnKyX9xpanntyGinLy00wj5IDQVMNyD9UtSVO2QPTtziMD4%2BfXAe1cF61f45LlyOdg5i6H0xVxvwmJdTUHiuEs5Mo5xJrcZKbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7819bec3fe88a95b-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4934025891458347&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:25 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7557332017931084&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:25 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:27 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMv6up0GEogBCiQ4NzM3MjVlNy1iZDE0LTQ3ODEtYTc3Zi1jN2FlZjZkNTg0OTAQ+OiCoKvU+wIaBgi73rqdBiINMTE2LjkwLjc0LjE5NiiAoAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGFhZjg0ZDFmLWFjOGEtNDQyNS05NWE5LTRmOWU5YWE1YzkwMhi46QEiGAgCEhRjZHMyMTAubGEzLmh3Y2RuLm5ldA==.uR3IHsnnZVIV+hXC40b22xkyp6TyhI67Z2A2azmZu28=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1672392507.dop008.la3.t,1672392507.cds241.la3.hn,1672392507.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
87e708d4895549290624cdda1268bba48ae78ab289a955f39b2adf8d54fdf5fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 00:32:52 GMT
age
204935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10271
x-xss-protection
0
server
sffe
etag
"07afe8ec7a5b890f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 00:32:52 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:27 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMv6up0GEogBCiRiNjVlNmNmZi01YzUzLTQ2ZjEtODM2My1jODA2NWUxY2Y1ZGYQ+OiCoKvU+wIaBgi73rqdBiINMTE2LjkwLjc0LjE5NiiAoAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGQxNjBlZTg5LWU4MWItNDEwYS05ZDVhLWJkMmU0MmY2MWQ2Mhib8QEiGAgCEhRjZHMyNjcubGEzLmh3Y2RuLm5ldA==.ZyhqohYfIighwRUNiIDoXTPA85X+wEMJksuErUyLf/E=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1672392507.dop008.la3.t,1672392507.cds241.la3.hn,1672392507.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0FAF 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
7815887f3bf038d92dcbb3ae1455da4417c3365dce5045316972ba448a098b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34202
x-xss-protection
0
server
cafe
etag
13644114262575156446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:25 GMT
gtag.json
cdn.ampproject.org/rtv/012211302304002/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 05:33:16 GMT
age
186910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"57cb31050eaf5482"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 05:33:16 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ Frame 0FAF 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
1044d391e0a5f737fb31aac022baa383dc3b166b5224adbb59009c8da7c82bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119787
x-xss-protection
0
server
cafe
etag
1038788113263940981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:27 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3C2E 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
2591854729275112dd7f2b4c4a9cca06df274a4248d5d9cb9b7aba68f9351e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34203
x-xss-protection
0
server
cafe
etag
12306657900255409030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:25 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-5961800537962381&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
9e41acae3b9dbcfc0aa7551c2f6a26da03a1b622e9c69868171d7378565881c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 452C 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1672392505&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392504417&bpp=4&bdt=1271&idt=1531&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4854653267089&frm=20&pv=2&ga_vid=530218868.1672392506&ga_sid=1672392506&ga_hid=272360328&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071269%2C44780792&oid=2&pvsid=2647320976429856&tmod=67124949&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1555
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:26 GMT
expires
Fri, 30 Dec 2022 09:28:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 8DB1 		714 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
11027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7819becada41a835-SYD
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 09:28:26 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtTqsDub2vbqVXnXTO%2BGYkJB7hPQVGsjXy3LLPJ3vfy7uHMAZUzF6UpLLCSHv1L9Nz%2BUPQIvB9x100FvP7TLoepbW1XGChrDuccCGPy7q1kkPCmxg%2BzphzFfUwgYmtpkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:27 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7C8A 		714 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
11027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7819becada48a835-SYD
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 09:28:26 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDAKr1zua13ejhu%2Fzq60iTktaaKZi2aHVoQ2I8sFTK8L21XS7fIMer7P6W3HEloorPn931jsrZ52cbaiK1x2lJNCrVwMQrFBmENyEalNJCZ4v4ADFc1p%2F47EajoEpKuftA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8DB1 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
3bd3fb9f25b8c4b6741c0430c375f4b4b14f9a0c03779ac6bd228cea036f04e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27544
x-xss-protection
0
server
sffe
etag
"1436 / 432 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Dec 2022 09:28:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7C8A 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1436 / 83 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Dec 2022 09:28:26 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame 3C2E 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
605dd6345d41bd062385a3168ec71dac45bedf26b0962376e1a72d9de7f02702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120010
x-xss-protection
0
server
cafe
etag
13988750286847278794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:27 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 30 Dec 2022 09:28:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 7C8A 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 18:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Dec 2023 18:04:57 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=2023%E5%B9%B4%EF%BC%8C%E5%93%AA%E4%BA%9B%E8%B3%BD%E4%BA%8B%E5%80%BC%E5%BE%97%E6%88%91%E5%80%91%E6%9C%9F%E5%BE%85%EF%BC%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-JbCM8S2p4s8WEXQP6F_HBA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4362982537803397&gjid=0.7953299197975645&_r=1&a=3610&z=0.9515017679628908&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c8c525c55cf82a2b7abf6fbfb179c7b8c21f0ae7efef5ddc53372422440444ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 09:28:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7852
x-xss-protection
0
server
sffe
etag
"c0564ce6402f500c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Dec 2022 09:28:27 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211302304002/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304002/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
2400797e6cdc3aa0e87ecfcf346be3ddf2179ec973448a82a260c562061a7c0a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 00:33:35 GMT
age
204892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57898
x-xss-protection
0
server
sffe
etag
"477261eabf4dff2e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Dec 2023 00:33:35 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 8DB1 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 07:43:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 25 Dec 2023 07:43:53 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-22684713342858665507.ampproject.net/2211302304002/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-22684713342858665507.ampproject.net/2211302304002/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1672392508131
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:29 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Fri, 30 Dec 2022 10:28:29 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0FAF 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 0FAF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0FAF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 342B 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
01d8c417d836b59777b1808fa9d8b91e510044284efb86681fbe72d14f79f0bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11843
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:28 GMT
expires
Fri, 30 Dec 2022 09:28:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 3C2E 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 3C2E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3C2E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame F787
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
714
content-length
673
content-type
text/html
date
Fri, 30 Dec 2022 09:18:58 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
x-amz-cf-id
WbWg0bQzdM_cS0cbz3FbNlgIBrprfeKqZkQNtO_K_ClVAuv2RxLzuA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:28 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 7C8A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7C8A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C8A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=3978524261807149&vrg=2022120501&nw_id=18087395&nslots=1&eid=31071297%2C31071299&pub_url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&sig=0&req=0&req_cnt=1&dm=8
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7C8A 		491 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3978524261807149&correlator=1893449313013085&eid=31071297%2C31071299&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1672392508349&lmt=1644386353&dlt=1672392506146&idt=2179&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=p8d0nsl93uy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1956108608.1672392508&ga_sid=1672392508&ga_hid=413992143&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
5dbd18add5d2b0f498b6927484a6a31903a170d91aab74a7c15f79209be9bf8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D1CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:29 GMT
expires
Sat, 30 Dec 2023 09:28:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
94168
expires
Sat, 30 Dec 2023 09:28:30 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
211
expires
Sat, 30 Dec 2023 09:28:30 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
18371
expires
Fri, 30 Dec 2022 10:28:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
ca7afd434acdde7c05ee72923d5c806c32b95a42e3209283e0b30adb87384db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1436 / 702 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Dec 2022 09:28:28 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzIzOTI1MDg1MTgsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjNuaWFuLW5hLXhpZS1zYWktc2hpLXpoaS1kZS13by1tZW4tcWktZGFpLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=6803.60000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzIzOTI1MDg1MTgsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjNuaWFuLW5hLXhpZS1zYWktc2hpLXpoaS1kZS13by1tZW4tcWktZGFpLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=6804.200000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzIzOTI1MDg1MTgsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjNuaWFuLW5hLXhpZS1zYWktc2hpLXpoaS1kZS13by1tZW4tcWktZGFpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=6804.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
11201
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Fri, 30 Dec 2022 13:28:30 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzIzOTI1MDg1MjMsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjNuaWFuLW5hLXhpZS1zYWktc2hpLXpoaS1kZS13by1tZW4tcWktZGFpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6809
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzIzOTI1MDg1MjUsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjNuaWFuLW5hLXhpZS1zYWktc2hpLXpoaS1kZS13by1tZW4tcWktZGFpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6811.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ Frame 8DB1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8DB1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8DB1 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3505480435714787&correlator=1905844533557325&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1672392508556&lmt=1644386353&dlt=1672392506138&idt=2397&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9ko979peggxt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1528881702.1672392509&ga_sid=1672392509&ga_hid=1452347509&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
cd574b9c19e9e70a5444bfcecaa9d52e74fc96030a46fb685cd48ab160984ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:29 GMT
expires
Sat, 30 Dec 2023 09:28:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 60C6 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211302304002/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
d8f0f698caefe3d120c885d688095fd472746cead805b5a688fac21312f82bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:28 GMT
expires
Fri, 30 Dec 2022 09:28:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 342B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 342B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTX3SPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSDAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJkkVOOCCsyEssoER2WlaAg94EaMKuTA8McygXR-Eslrp83Ibl6AcKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=P_Uuike7cEw&uach_m=[UACH]&cid=CAQSPADq26N9do9q0aV4gD2j1xYhR8a7zN684zhbsJ7XiHwwPkMTD0fqfxQjeWiOUqwFzOobjumcMj9ZjcvlSxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Dec 2022 09:28:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 342B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-qNEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6IaYoBMWU3JEEQO6-uYwehLnmhqIzgmRDAABIAAA&wp=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
172123
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 2BCA 		138 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
64d63d999add09579786354f515ea6d984d4dd741c5ad004f531c51f7554a012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:28 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=ygYrYnqK3Sru1nCy3WltyGjLLTBksgGZlV062rP7eN189PJnVYMu3j9-zVxBVDfQU191VC_cSM4yNvwwOtOe9J_9eGN6LkHG01TogdyVlFljzKiXednJAhInB2Iwwd2yojhb1GeUxPymHpHypv4bAI3ShhHgpZDREwiRneQY7R7gc7nQx9RbMhEvuFyaHbL-HmrXu3pmGti43_5UIeJJ04P8ftJRkuUvpBmswZWCQSl62Yr76b2aQ4us1gFmVKdMy24TAesy7RSzj27T"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
57411490
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D9AB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
84410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 10:01:38 GMT
etag
48472445140208031
expires
Fri, 30 Dec 2022 10:01:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 342B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
l
www.google.com/ads/measurement/ Frame 342B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZ5qfSGp6Mi7QbR1jVCKG4Wnp2RpaMJMbViBOTVuICJ9vTVCNsNWOdVlLN3Je-aJODz8KxZDnfO1t2GEOtABERuBIULg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 342B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:29 GMT
dpixel
cms.quantserve.com/ Frame D9AB 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOVqIExjpkD4Dmw1Pc1C1YE&google_cver=1&google_push=AavPq0OagTC3xTq0YotByJIA9mGcMdaszaL3emOZWzUA4Vmie3VK1L-RoWibCYtUpOiSK-tNCw3DITDZ6P58WSHRxDpdEjD8q_ZCqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D9AB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHTR_3V6xFJ_o9hR-dN025w&google_cver=1&google_push=AavPq0PqTkDgqzPrhF1CB2f0u_UAcLtkh9zhxHuHo1o5BGTVdxYWPlw1mv7bltZGaWk22RX9w5Tb1Xcjd-WfFWp0pcEsfGAIGYFcfw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31CB8A23053C483D935929F708821FAF&google_push=AavPq0PqTkDgqzPrhF1CB2f0u_UAcLtkh9zhxHuHo1o5BGTVdxYWPlw1mv7bltZGaWk22RX9w5Tb1Xcjd-WfFWp...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31CB8A23053C483D935929F708821FAF&google_push=AavPq0PqTkDgqzPrhF1CB2f0u_UAcLtkh9zhxHuHo1o5BGTVdxYWPlw1mv7bltZGaWk22RX9w5Tb1Xcjd-WfFWp0pcEsfGAIGYFcfw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31CB8A23053C483D935929F708821FAF&google_push=AavPq0PqTkDgqzPrhF1CB2f0u_UAcLtkh9zhxHuHo1o5BGTVdxYWPlw1mv7bltZGaWk22RX9w5Tb1Xcjd-WfFWp0pcEsfGAIGYFcfw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 29 Dec 2022 09:28:29 GMT
pixel
cm.g.doubleclick.net/ Frame D9AB
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEFe6WYXF2S3Y5PbpBRfmPiA&google_cver=1&google_push=AavPq0Pljxb_yDaMlbUeZyslNFevx9ZaoPpFwtxCdRiIcFlSuwQQQMitxBMGveefvQ6Ieb-f55cGUkLIVKumynnotuY3TRVu...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Pljxb_yDaMlbUeZyslNFevx9ZaoPpFwtxCdRiIcFlSuwQQQMitxBMGveefvQ6Ieb-f55cGUkLIVKumynnotuY3TRVuFh5RsA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Pljxb_yDaMlbUeZyslNFevx9ZaoPpFwtxCdRiIcFlSuwQQQMitxBMGveefvQ6Ieb-f55cGUkLIVKumynnotuY3TRVuFh5RsA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Pljxb_yDaMlbUeZyslNFevx9ZaoPpFwtxCdRiIcFlSuwQQQMitxBMGveefvQ6Ieb-f55cGUkLIVKumynnotuY3TRVuFh5RsA
Date
Fri, 30 Dec 2022 09:28:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
sync
gdn.socdm.com/rtb/ Frame D9AB
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEF3em4S9A2U-1xH7Vax0ElE&google_cver=1&google_push=AavPq0MNLqIQl0OQC441YglvF4IRm3AZ0jd6htCT5EqT6qC5PyS1kaVd-aOIeujKrLfCK...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTY2dlBjQ284WHdBQUdsZVlUc0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEByrDQFFEsp_8G9bJDGxm9w&google_cver=1
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEByrDQFFEsp_8G9bJDGxm9w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
HTTP/1.1
Server
202.241.208.4 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:31 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEByrDQFFEsp_8G9bJDGxm9w&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.196","key":"Y66vPcCo8XwAAGleYTsAAAAA","privacy_sensitive":false,"uid":"Y66vPcCo8XwAAGleYTsAAAAA","upstream_id":"a-ad40014"}
X-SO-Key
Y66vPcCo8XwAAGleYTsAAAAA
X-SO-Upstream-ID
a-ad40014
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40014.dc2p.scaleout.jp
X-SO-UID
Y66vPcCo8XwAAGleYTsAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
116.90.74.196
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
8
X-SO-LB-Hostname
a-ng40015.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEByrDQFFEsp_8G9bJDGxm9w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D9AB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&google_nid=index&google_push=AavPq0N5zbt_Atd9twIL25u0wooufSE6qw-_n...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&google_nid=index&google_push=AavPq0N5zbt_Atd9twIL25u0wooufSE6qw-_nLgY3xC4EjNyt1u215RrgMqyyW98-ZWyHeaCFMU0-xPQMxLSpy4OIpLp-O4D3BsW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCDIYO1Ztj1BCF3Wpv%2B2yREJHRoyCJWK7zJaz9meCK0lhc3ascnRduSdzmdZyk1oyQ0u5eobkFjMheAMRzueQ1Eyx2d7XbWveNvOI%2Bya61%2BJjejtxKtPfjR43aXGg8qJazaz2VODPc7Sbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGHMFRa0-RSXYizf3JE_NWs&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&google_nid=index&google_push=AavPq0N5zbt_Atd9twIL25u0wooufSE6qw-_nLgY3xC4EjNyt1u215RrgMqyyW98-ZWyHeaCFMU0-xPQMxLSpy4OIpLp-O4D3BsW
cache-control
no-cache
cf-ray
7819bee18f8a1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame D9AB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECy-2XyhXYjfQfi62zS26D0&google_cver=1&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRp...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECy-2XyhXYjfQfi62zS26D0&google_cver=1&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRp...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hWDV2Wm01RTJ1RWZhbkdPaVhOZ3V3bzBkNkhISVpYWX5B&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hWDV2Wm01RTJ1RWZhbkdPaVhOZ3V3bzBkNkhISVpYWX5B&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRpI-q-QnN6fcaRAe0Gd2OXb-HbCZDDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hWDV2Wm01RTJ1RWZhbkdPaVhOZ3V3bzBkNkhISVpYWX5B&google_push=AavPq0OxW-72hiYwkbufKUUcy0HaTZ-TqWh-sJvMpPXKU3MX8WuBQp9_6rINwvsWxZZ1SeyyRpI-q-QnN6fcaRAe0Gd2OXb-HbCZDDw
date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame D9AB
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIuNicz0S...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIu...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2d843f2c-c6f7-4311-a7de-e85a87b69e25&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2d843f2c-c6f7-4311-a7de-e85a87b69e25&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2d843f2c-c6f7-4311-a7de-e85a87b69e25&%%GOOGLE_PUSH_PAIR%%
Date
Fri, 30 Dec 2022 09:28:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame D9AB 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItFD-n-wD_INiUq9TfSKLrGy-r6VXmAFl-BQx7DzE-RNZK5ga1FgpocZcU5znYdHnHHFCdlGA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 60C6 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyEh1PK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSJAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIyc6XybilOJPR-cqVFrWbiUyDkblrUjlh2Wo51OfTgNkXEfogcuiABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjE2MjMxOTM1NzEzMDM4GAA&sigh=FtbgRMaiiGc&uach_m=[UACH]&cid=CAQSKQDq26N9Kbu2se3XUF8LkktN4HpFQQW-Ip28ggPF-QPksXVvlaJnMgLfGAEgEw&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Dec 2022 09:28:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 60C6 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=keq3D6OzWZAD-gFi-C0SAgAAAOoeEzCFSzSxT5CX6RA8r65jMM7T6oZk-pCP04YAEgAA&wp=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
158236
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 648F 		208 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
03c3a154afa6115b410d38b8d1b3f845ba143e73f0a14ff87e0a06bf4e7daa9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:29 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=6LSk3XqK3Sru1nCyeGDN93bPKLinDWR5dBNy9l_knFqM7VZKD2azjIPuO0qrvBBwuoLkm0MiP-4dm6kj1KE2pnJGr5kTgZsoGaflLfVmIYi0CpzaFRA51L9jBj5qDuWDTVVc03OHaz-rlzNraxH6TYbybm-LsZ-fEwTbbJZ2yiK__gxlSSwryq9y5TawPXxywkcjSjb3yhPoeYnd2vUkDtp7hN79zgMAvdzTMTeec6cSvrjC4QkOvgD-kqOIYQ8w03FSEA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
101575669
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 60C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4F1C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
84411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 10:01:38 GMT
etag
48472445140208031
expires
Fri, 30 Dec 2022 10:01:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 60C6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
l
www.google.com/ads/measurement/ Frame 60C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO71IggdZTPlI3MoJalQ2k-rc1nBDsDls306Yz5sjVnr3AyzXZEtuSAX6zr4RslAFHy294CkL01hj32yWtMP069RvXrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60C6 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7C8A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
52bec2060b214433df2f44f9a6355eadbf21b7a36e2987c00b7b96c3b72caefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12589
x-xss-protection
0
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 18:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Dec 2023 18:04:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80
x-xss-protection
0
expires
Fri, 30 Dec 2022 09:28:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8DB1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
6f6bffd21ca2ebe90d8a49749b2945398116dcdc46ded782f854cd1365811d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12457
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELz-68J9x390JUfKiROaWZI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlRLdmF1ZU4xUGJiR0s1&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cver=1&google_push=AavPq0P_Izj0jgVfa_8AfYw8ntf-jbUOuWvw54L_LzaHaa1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlRLdmF1ZU4xUGJiR0s1&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cver=1&google_push=AavPq0P_Izj0jgVfa_8AfYw8ntf-jbUOuWvw54L_LzaHaa16364dopgdwZ27QPcXM9GrxMGEZC-EDo-jljcGc8YWo2Ad89Rp7DHLLY5OTjAPA0Z1I8LtH9BBeBQvJBtO7Tl040JP5hdMgP3N2ym--VYzl10E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:30 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0cfbcc7100bd67995@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlRLdmF1ZU4xUGJiR0s1&google_gid=CAESELz-68J9x390JUfKiROaWZI&google_cver=1&google_push=AavPq0P_Izj0jgVfa_8AfYw8ntf-jbUOuWvw54L_LzaHaa16364dopgdwZ27QPcXM9GrxMGEZC-EDo-jljcGc8YWo2Ad89Rp7DHLLY5OTjAPA0Z1I8LtH9BBeBQvJBtO7Tl040JP5hdMgP3N2ym--VYzl10E
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEIGxlitbmT_B4bSjDJJhWCI&google_cver=1&google_push=AavPq0NVC5M46vjCSMAmawKj7kjxZFTT1T_iHosxzG3iNMqWQANkMh0wxS2oGOp26TQy1-3aLqOzWBo...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0NVC5M46vjCSMAmawKj7kjxZFTT1T_iHosxzG3iNMqWQANkMh0wxS2oGOp26TQy1-3aLqOzWBobMWO7ZfK81e5BmD7R8rGxKaOJiy18pnxIOhU32iOgbQ0D_pTg...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0NVC5M46vjCSMAmawKj7kjxZFTT1T_iHosxzG3iNMqWQANkMh0wxS2oGOp26TQy1-3aLqOzWBobMWO7ZfK81e5BmD7R8rGxKaOJiy18pnxIOhU32iOgbQ0D_pTgB91RhMOHm_tP9Rzi-TiaaN1UEpr3ag&google_hm=gsTMyvPGTVKBGRdWKDs7e8Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0NVC5M46vjCSMAmawKj7kjxZFTT1T_iHosxzG3iNMqWQANkMh0wxS2oGOp26TQy1-3aLqOzWBobMWO7ZfK81e5BmD7R8rGxKaOJiy18pnxIOhU32iOgbQ0D_pTgB91RhMOHm_tP9Rzi-TiaaN1UEpr3ag&google_hm=gsTMyvPGTVKBGRdWKDs7e8Q
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHHdlhknNZ5P1d1R4VPS1-8&google_cver=1&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHHdlhknNZ5P1d1R4VPS1-8&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO9X1nYqHlFE1AfdR2FBel1rxtpqtvwkbvdP6Ez5em6qWpK3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO9X1nYqHlFE1AfdR2FBel1rxtpqtvwkbvdP6Ez5em6qWpK3tZF5IWJIxQVFoKF_q-Qt6xlGowQ&google_hm=QTNDUDAwWm9INEJMOEFIWi1IT1o=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Puw6Mxh5xgQQNQj6HVc3svf4FYkNOlYMunHpFL1RjdsD4mL4Qyh5To1OzoQLMWcVL-QQR7P48wZo9DO9X1nYqHlFE1AfdR2FBel1rxtpqtvwkbvdP6Ez5em6qWpK3tZF5IWJIxQVFoKF_q-Qt6xlGowQ&google_hm=QTNDUDAwWm9INEJMOEFIWi1IT1o=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
294
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENCuLRBJJWbZGH7-bQUITIA&google_cver=1&google_push=AavPq0NfXAiNxHBOg9Z_61y10MVrFmciASJFVYKdBcZOzqqLrmh8RhbBOAtOjn_cEGgTXdkseR6pOWWgHLQaH93R...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fd6ddd27&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0NfXAiNxHBOg9Z_61y10MVrFmciASJFVYKdBcZOzqqL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fd6ddd27&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0NfXAiNxHBOg9Z_61y10MVrFmciASJFVYKdBcZOzqqLrmh8RhbBOAtOjn_cEGgTXdkseR6pOWWgHLQaH93RBo9VZWfEZX4zalEc2shl0zvTkskW_v8AcltbCVdFL4hPLmY46G2IhkVcpxoZ_TriwaG4Zw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 30 Dec 2022 09:28:30 GMT
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fd6ddd27&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0NfXAiNxHBOg9Z_61y10MVrFmciASJFVYKdBcZOzqqLrmh8RhbBOAtOjn_cEGgTXdkseR6pOWWgHLQaH93RBo9VZWfEZX4zalEc2shl0zvTkskW_v8AcltbCVdFL4hPLmY46G2IhkVcpxoZ_TriwaG4Zw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
C2eLsJ_NEBf0YR06pcd3qxPxo1aS-pyjYeEnw5VpyPinPz-JhyF6dg==
pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHFt5pAPEJqbJFiEzXMDs60&google_cver=1&google_push=AavPq0PnMTQwxJrErTBskdXoLvGfJNWUAicFlLU7oiPjDseeM1fcx4BE5M-FrSsqTtN5rXA6MPUCKdhGcSz-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJciqOvwZ6TE9p-dYOakVtO3wVcYhFvTg&google_push=AavPq0PnMTQwxJrErTBskdXoLvGfJNWUAicFlLU7oiPjDseeM1fcx4BE5M-FrSsqTtN5rXA6MPUCKdhGcS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJciqOvwZ6TE9p-dYOakVtO3wVcYhFvTg&google_push=AavPq0PnMTQwxJrErTBskdXoLvGfJNWUAicFlLU7oiPjDseeM1fcx4BE5M-FrSsqTtN5rXA6MPUCKdhGcSz-IS8BONwCAFtPUrTtdR8wARto-kiGLI_yw3eQ3DC_ToaifFV3drrOLlGn51rWglubDk8hxlZQsQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJciqOvwZ6TE9p-dYOakVtO3wVcYhFvTg&google_push=AavPq0PnMTQwxJrErTBskdXoLvGfJNWUAicFlLU7oiPjDseeM1fcx4BE5M-FrSsqTtN5rXA6MPUCKdhGcSz-IS8BONwCAFtPUrTtdR8wARto-kiGLI_yw3eQ3DC_ToaifFV3drrOLlGn51rWglubDk8hxlZQsQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEEf_ghogWvFHOGo-PIeebBQ&google_cver=1&google_push=AavPq0NfrlFKX-82nCuJYj0kvNIiTbHfnrK56ZZ3DPR4eTVAsVbEGxBmquFGWhNhg9DWgzV9isTI7pcYEinHUrQLzASatT2rERk...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NfrlFKX-82nCuJYj0kvNIiTbHfnrK56ZZ3DPR4eTVAsVbEGxBmquFGWhNhg9DWgzV9isTI7pcYEinHUrQLzASatT2rERkjtRgeZj5FZILtNu-NezKqx1Cj8C0uMx0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NfrlFKX-82nCuJYj0kvNIiTbHfnrK56ZZ3DPR4eTVAsVbEGxBmquFGWhNhg9DWgzV9isTI7pcYEinHUrQLzASatT2rERkjtRgeZj5FZILtNu-NezKqx1Cj8C0uMx0sXb3VxX9oec06QwViikkkfRw_HQ&google_hm=Z2I3N2ZjMDU4ODI5YTc4MzUwZjU=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:30 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NfrlFKX-82nCuJYj0kvNIiTbHfnrK56ZZ3DPR4eTVAsVbEGxBmquFGWhNhg9DWgzV9isTI7pcYEinHUrQLzASatT2rERkjtRgeZj5FZILtNu-NezKqx1Cj8C0uMx0sXb3VxX9oec06QwViikkkfRw_HQ&google_hm=Z2I3N2ZjMDU4ODI5YTc4MzUwZjU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 4F1C 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEKlr5a1JJ47uM-zfriME4vA&google_cver=1&google_push=AavPq0Pm8emm6NtCtXzzMLeBqxg8QX7JGziTLtQbBrgQwVVoLfy1htWlmJBWYQ5fTEBbx-R1ksndOYd_9l-FHUFYp4W3NSLI2jRjaRUR7MQOMT1QfRplizpJwibHgqQyOw30Z1UHTkFX33iFWQ4ThFdASboIvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 4F1C 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMvtJ81r8Yp-JCaThn_uzgeuzJzza_x2OMdpVoiV-dQj9WwWOrbgUlaTD-NVeCAnXLyw_K
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3388732461442322289&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2621&oid=2&is_amp=5&amp_v=2211302304002&d_imp=1&c=82486003610&ga_hid=272360328&dt=1672392508308&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&bdt=5162&dtd=283&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7C8A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:29 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2BCA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 2BCA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2BCA 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Dec 2023 09:28:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2BCA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Dec 2023 09:28:30 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 2BCA 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=FzPEMv75XM3tyKw0QFopdBT6cT26eh5sSk6Je8_HPFdXY3NVXbiR9g06Aee-z1t6U6sEfnB_1pRVjMRsXgXotu7vNZYsz9qrZg9lQP0GR9QcaIsAJ5WP131HYb39rF9d9HWKHtVe3HV9N5Zqbu4SHC2L2e0jyik8cvvPmnxF8EQN5AinO1vOcBbanrTeY97NS6McSlGcj8eicA_xdqS0VTraGh8sypEl04iYg-3HZ1mAX3v82qEgqBUuIykQe82eThDD77VLcZ4B_nUBxTNW-9Xl6dvq22twr3CMFbYgv0IbA-pnNxxuEAFdKBfELZOffXxm9yFJKUwSnjEkRHRQ0kcj-zA3QCL7p987CoxXgsal5IhGB3THLQvpvnYYlCCCQmED8ARRBdBmD-merWYUmi2r1cJ7cu1JKVHTjv6UC8Z9FID3
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2943142
expires
Mon, 26 Jul 1997 05:00:00 GMT
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame 2BCA 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame 2BCA 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F787 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
2a4e6c69cc39d554eefc3ea0a07c0c4895f24efed7e6863774d985d7c8b1cb5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34149
x-xss-protection
0
server
cafe
etag
7569131572984449390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:29 GMT
truncated
/ Frame 342B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad1d00d4ac69a44594354178d8f79b0d28a7ee251b355a4804a803fef49d5d77

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 60C6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cc461ea39786f400d7b380f9d0b96c228e4135b85ca90a1b5f12fafab342d8a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2BCA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1262389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APj86H5da7r9SinsOjUBkFqQea0A4mhSZILZ8JX%2F1v9jzDicVnvEa4SBU2w8HKufLpecLJasmczEflv3v%2FwX3h76YTbH1sArDDX6xl0DHKq2NzcAaxi3mA%2FUCEO6qbPVtRJ0Ey2k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7819bee77cceab02-SYD
expires
Wed, 20 Dec 2023 09:28:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8DB1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
20566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 03:45:44 GMT
expires
Sat, 30 Dec 2023 03:45:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E895 		783 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
17bda91f3d4a1e42de95609789f76c68a0f5098f6a498a499d71a9dc11a14b7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p7l94g-wFT9yachRSib-Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-p7l94g-wFT9yachRSib-Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:29 GMT
expires
Fri, 30 Dec 2022 09:28:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame F787 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
67ad5d1cae6d7b82fe6ba4008533dd6cf753d57af7cfc5d2a0aae08de058756d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119955
x-xss-protection
0
server
cafe
etag
3328174732651894141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:30 GMT
animejs.js
static.criteo.net/animejs/ Frame 2BCA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
0de3566013914383836dcf943517c81f_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221214/ Frame 2BCA 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221214/0de3566013914383836dcf943517c81f_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
5b0570558c1b63c5569392865cad79234d882182c6b8c7da8e4abfe09ac6c7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 14 Dec 2022 10:42:46 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6399a8a6-f547"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
62791
expires
Mon, 25 Dec 2023 09:28:30 GMT
img
pix.as.criteo.net/img/ Frame 2BCA 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28572883
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Sun, 26 Nov 2023 02:23:14 GMT
img
pix.as.criteo.net/img/ Frame 2BCA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5638549_png%2Fconstella-cocktail-ring--square-cut--pav%25C3%25A9--white--rhodium-plated-swarovski-5638549.png&v=3&w=400&s=fQ3-6PXs7VJfnvFdyormaSm6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
18071e0dceff5f97d6fe9b82ad8f347a1ffe89e2c2b6ecd1d66b4d7194ac383e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29575114
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17380
expires
Thu, 07 Dec 2023 16:47:05 GMT
img
pix.as.criteo.net/img/ Frame 2BCA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636415_png%2Flilia-y-necklace--butterfly--white--rhodium-plated-swarovski-5636415.png&v=3&w=400&s=pS4m3JJ5dGukQ866z8MxnAls&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e01036e9c78592783e0e017aed0548c58bb66d33b7d908556da46cc847c5bf7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29307287
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3588
expires
Mon, 04 Dec 2023 14:23:18 GMT
img
pix.as.criteo.net/img/ Frame 2BCA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5611171_png%2Fcrystal-myriad-adhimu-swarovski-5611171.png&v=3&w=400&s=tdbHVjDfT3Q7ZBVTD3OmUJX2&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9300b5131fa1e8c938b2a9d8e2a26f9dfba67370ffe110c56e9f8c8fe9e9b96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29641535
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11186
expires
Fri, 08 Dec 2023 11:14:06 GMT
all
csm.as.criteo.net/ Frame 2BCA 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=ygYrYnqK3Sru1nCy3WltyGjLLTBksgGZlV062rP7eN189PJnVYMu3j9-zVxBVDfQU191VC_cSM4yNvwwOtOe9J_9eGN6LkHG01TogdyVlFljzKiXednJAhInB2Iwwd2yojhb1GeUxPymHpHypv4bAI3ShhHgpZDREwiRneQY7R7gc7nQx9RbMhEvuFyaHbL-HmrXu3pmGti43_5UIeJJ04P8ftJRkuUvpBmswZWCQSl62Yr76b2aQ4us1gFmVKdMy24TAesy7RSzj27T&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:31 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2BCA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:31 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2BCA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:31 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 648F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 648F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 648F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Dec 2023 09:28:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 648F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Dec 2023 09:28:30 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 648F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=OZZ0RYElDePKZ3120WZhJZSmYZ3krbCJSM7_WImk6sVtaZHMRSAGEQpuigqJgUnQjNFytJbwjgj9oXkzs2T0fwhUz0utiY8hcLlxbSRb-BLEXhohmNdeidL3HAhzV_n9xOtH_496iTdckoORXENvPpHcSBp_hzrBb4utiuqbUkQpToDWfmc-8T2A_92vsxFq-VVURKypQyfu5WRwdLCsVC-CS-joU3R_hvEYps4nqPNYja_a4ZTx64PaB22DaNr4rRwOh4Lq7ItL8XIvoLG7llysFoJAdLs40OpMFJPlu9R3RcwkfwrMzsuxhihhO0FpXHegAJpZ4hA6V94EnvrrTKE_9q8xGkuBJda49S1hY0OGmmUSgIiJiVo_1R4k9K_fUKw6IaxZK3O4kigCPqUgk6uwGGHeSuYOWOdtOsqj-TlFaMqE
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2687054
expires
Mon, 26 Jul 1997 05:00:00 GMT
cd2b67b7f79b4d29a7a07b01086a9d3b_futuralightregular.woff
static.criteo.net/design/dt/ Frame 648F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/cd2b67b7f79b4d29a7a07b01086a9d3b_futuralightregular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
bc8d3d86e78b202a5ef30d5ea26da6e86191717fed70b71081bea967bd4e0349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 28 Feb 2020 08:44:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e58d306-3c3c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 648F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1262389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BkPtd8ChE9QpnKc08DGDPMPvfveXMTHhBnTJk4zpfLLp2V040x3E%2FuECW%2FyFVYrW47jOFQSbYdX4K8SG0CscNpxCeg3wpaGL4W%2B5kTBYC9%2FAIauak2ptjFPR6%2Bsj9Ci4TuRhoFU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7819bee77cccab02-SYD
expires
Wed, 20 Dec 2023 09:28:30 GMT
animejs.js
static.criteo.net/animejs/ Frame 648F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E895 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3978524261807149&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
pix.as.criteo.net/img/ Frame 648F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=496&m=0&partner=68963&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F68963%2F200304%2Fdad297a61f234fbea85e974a560e9b6c_logo_n_vertical.png&v=3&w=196&s=sLSqpayHUVCKK-4EMrlAxZJu
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8c534949d07c05af442bba919bb35513a754a1fe8ecefc32aece8067477a2217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28592571
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5956
expires
Sun, 26 Nov 2023 07:51:21 GMT
img
pix.as.criteo.net/img/ Frame 648F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2Folive-top-02_grande.jpg%3Fv%3D1658878293&v=3&w=400&s=X6W8SJYPNr33injvxiRNyeZL&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c7a9ac5d12f027d56bb5300f3d9d977aa6e98f4b0f63920e37a79d4a1a622ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29206390
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9148
expires
Sun, 03 Dec 2023 10:21:41 GMT
img
pix.as.criteo.net/img/ Frame 648F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2Frust-top-03_grande.jpg%3Fv%3D1658875985&v=3&w=400&s=mphjmz1cD1-qx7Jd48w3TZEJ&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
59efc8772fcf7a6b28fe052066be54bef31f9c186bfa6580b4e0549c80252954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29554155
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8330
expires
Thu, 07 Dec 2023 10:57:46 GMT
img
pix.as.criteo.net/img/ Frame 648F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2FBYOB-nosticker-turmwht_grande.jpg%3Fv%3D1647226636&v=3&w=400&s=tuLolFUX428ymrhgPIHz9RmM&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2e2a16d7b601d37237194f63c308549ef01b7cce55a421bfd0074b43d7619391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29258503
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17372
expires
Mon, 04 Dec 2023 00:50:14 GMT
img
pix.as.criteo.net/img/ Frame 648F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2FFLATSHEET01_fab8e8b7-6811-4464-b1ba-4e52974de1aa_grande.jpg%3Fv%3D1665612492&v=3&w=400&s=Rl4DZEYfUAF7vFolTLOgOBG_&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
442048a0e9bba6bbebf1778d2c99cf486c6ed737303ea69d2ce0f3b52a50c8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31124119
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4896
expires
Mon, 25 Dec 2023 15:03:50 GMT
img
pix.as.criteo.net/img/ Frame 648F 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2Flavender-top-03_grande.jpg%3Fv%3D1658878268&v=3&w=400&s=Da8zGd00LtakUf9XR7OA1hl2&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a1e52980bf76d3ffcfa2ba699b8081567c3beb7f76960a18bd57885635cda72c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29236281
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7646
expires
Sun, 03 Dec 2023 18:39:52 GMT
img
pix.as.criteo.net/img/ Frame 648F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2Fhaz_terra_new_grande.jpg%3Fv%3D1670212155&v=3&w=400&s=ROHrET6JTbGsoC3-0elu7nyY&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
1ff10f8f5b12e998c22541bc3b25d4df17071595e616b454934c455783b874bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29617418
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19122
expires
Fri, 08 Dec 2023 04:32:09 GMT
img
pix.as.criteo.net/img/ Frame 648F 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2Fpinkclayhazelnut_grande.jpg%3Fv%3D1663907706&v=3&w=400&s=YhhsnMw2WySvyo2VZc7Ldm3I&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e5ed7ee241e2ed96eedfb2935a39ca60c8b705129b7e8d0f7907577bd50415ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28950024
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11656
expires
Thu, 30 Nov 2023 11:08:55 GMT
img
pix.as.criteo.net/img/ Frame 648F 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0068%2F0882%2F9999%2Fproducts%2Flauren_free_01_grande.jpg%3Fv%3D1649825937&v=3&w=400&s=pUWDzbvJIRsN0VIN_eQ4OX0Z&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c709ea195bac6707f0c4dbb252bbb55b3d125cc08c6d534ba846d7e91699b5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30839260
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34850
expires
Fri, 22 Dec 2023 07:56:12 GMT
all
csm.as.criteo.net/ Frame 648F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=6LSk3XqK3Sru1nCyeGDN93bPKLinDWR5dBNy9l_knFqM7VZKD2azjIPuO0qrvBBwuoLkm0MiP-4dm6kj1KE2pnJGr5kTgZsoGaflLfVmIYi0CpzaFRA51L9jBj5qDuWDTVVc03OHaz-rlzNraxH6TYbybm-LsZ-fEwTbbJZ2yiK__gxlSSwryq9y5TawPXxywkcjSjb3yhPoeYnd2vUkDtp7hN79zgMAvdzTMTeec6cSvrjC4QkOvgD-kqOIYQ8w03FSEA&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:31 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 648F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 648F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:30 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame F787 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F787 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame 9595
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
925
content-length
801
content-type
text/html
date
Fri, 30 Dec 2022 09:13:15 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
x-amz-cf-id
H1RjRoFw9CeR81801CY5368oHIwbcrb4AfQTE1C9EO80QsGnaQlwsw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:30 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E8C2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
20566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 03:45:44 GMT
expires
Sat, 30 Dec 2023 03:45:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 976E 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
568f4728ef82c64a5b4ccd6565aee3fac824d4b22da2b25fc346b9735d4b8dd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ErD-_dY4RNVxnzI0tMkWqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ErD-_dY4RNVxnzI0tMkWqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:30 GMT
expires
Fri, 30 Dec 2022 09:28:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame AF77 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221230
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a46e89e7d29cfda66c551f121a219b17e00e7cb48a29ba291c29d6ea9779408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 09:28:31 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
19660
x-jsd-version
1.0.1571
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
924
x-served-by
cache-fra-eddf8230021-FRA, cache-fty21338-FTY
x-jsd-version-type
version
etag
W/"66a-HE3Uuko0vbarPTaoqU4jwW4OFOA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.111.79 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-111-79.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=12857621877
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-119-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 30 Dec 2022 09:28:31 GMT
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d15518da-86ed-45a0-97cd-f9db245a672d%2Ced3d40a7-7353-4fdd-940b-be6ca79e7590%2Cb1cc034a-1ff5-4196-a849-1e1c40ad6ddb&nocache=1672392510647&pubcid=99480f46-7ced-4cc2-b2ef-40c0424042a4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
97c8f33907af175766e0e886a67b5677958e66077e9218bee2a3c11d6b8b8a06

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b6f8e81a-679c-4937-ac75-e1866c692393&nocache=1672392510648&pubcid=99480f46-7ced-4cc2-b2ef-40c0424042a4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f759779f-6c91-4ec3-8c0e-bfa34044ea0f&nocache=1672392510648&pubcid=99480f46-7ced-4cc2-b2ef-40c0424042a4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ec134d1e-0027-4412-869e-d7a64a9afa78&nocache=1672392510648&pubcid=99480f46-7ced-4cc2-b2ef-40c0424042a4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a7f98c59ab2c47e847e5b2b94c0b797e447fe2e2e05fb327db83d88deb88a4da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:31 GMT
AN-X-Request-Uuid
20aa5f31-ed3c-4e8b-a916-198048580277
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.44.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-44-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
13
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Fri, 30 Dec 2022 09:28:31 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2aa74208a4f4d05458016ed3889e54c115501643a7f11016e3b17ad96a488e17

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 30 Dec 2022 09:28:31 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
48aa7991ecc2ee28d3153d5fee2e109711487d2edb5616e24f3195621caff2cf

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
200
alt-svc
clear
expires
Fri, 30 Dec 2022 09:28:31 GMT
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7666
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.180.33.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-33-210.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a4254e34fdb8bc7e2457d6f77b8be5a9f2476ac6489fc4bea1c8be964696270f

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:33 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.180.33.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-33-210.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3ebbe444d1f4e3b13e9fd14f21af01e40d5d060335e5f76992b17f918ee4c1d6

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:33 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=99480f46-7ced-4cc2-b2ef-40c0424042a4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=54dffc17-e67c-4ff5-895d-0b814c502a87%3Bb1e1b158-9466-4a07-b237-4f20ca877b83%3B75282a9b-5e4d-457c-bb4d-8b7b36edef06&l_pb_bid_id=67b6053afbd7ab1%3B68d6a5720ac1442%3B695779446fb279f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.28587375379091395
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2aeaeef400d5a4f40e60bd080ee0fe9dce537a5381b62d9371946dd056d66776

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22702dbc6758c0238%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2277111f4dc7740b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22808be3339efdb2e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2281d45052a6f3ec4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2299480f46-7ced-4cc2-b2ef-40c0424042a4%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3b77437c3158339d2e8cf60038beee5edfc2eba341e4b405f806a7d8db68aa

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skv7Lzcvtmry7AC%2FcSuEb02KUf1bFjGacqIfQU9PX8WLGw23GgD%2B0zepRhBxrbspv%2BQMZ8li0zu0kmZSBNJokpS7XtOImCFuG0jZaMBwn63C1PfUytWczTwiBjUxULrVgckF86uq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7819bee9ff06a883-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22702dbc6758c0238%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22808be3339efdb2e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2281d45052a6f3ec4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2299480f46-7ced-4cc2-b2ef-40c0424042a4%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519667b8e13dd324ad433effde7844624c16185a456f6f424f244802d629e4c4

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvLwhv4Fs3PNwPUkjixm%2FQC4i3d3tdFjmdioandvM57q6GKA%2FB7EiFfJk9XqSh8%2BbQiIWt7SOBzRil14LtGnZfnLhsuUmYYXBxo%2BbwG3%2BsiuozqiPwHMP6daAz1Jrk0H40HZQ5JR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7819bee9ff07a883-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:33 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 06 Jan 2023 09:28:33 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame E8C2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
generate_204
tpc.googlesyndication.com/ Frame AF77 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GX6CuQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame 2BCA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=ygYrYnqK3Sru1nCy3WltyGjLLTBksgGZlV062rP7eN189PJnVYMu3j9-zVxBVDfQU191VC_cSM4yNvwwOtOe9J_9eGN6LkHG01TogdyVlFljzKiXednJAhInB2Iwwd2yojhb1GeUxPymHpHypv4bAI3ShhHgpZDREwiRneQY7R7gc7nQx9RbMhEvuFyaHbL-HmrXu3pmGti43_5UIeJJ04P8ftJRkuUvpBmswZWCQSl62Yr76b2aQ4us1gFmVKdMy24TAesy7RSzj27T&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAAFMwwKch3PAAk5p8b-RLG-ZX-BiKFWWA&u=%7C8WQHdG373CTG4VGUVNcn943ToIu3%2FVcQs9cja0HrSCE%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmedVJ2zkOQ_rWH5oKWAKlZdalJmiPR6KmBBlOvWQO-pzoFQ2_EiviQfG_roYhFafGWCIRkDhrbCaNKwuxy9nQAI4r1LajiF7A_3QmIN3nMDa6DbPtBiOr5Bh68fbEyNd37CXd9Fg099E-ISn2D5eW4mganOTRFRHPZe0LCGEk-Z5LjL5GPIc_YX1MCKiQMcNYVN3JSjD2K2W4A8EUuRV1QuBojbUPqEG01GTY-52rV9lxTKg_CEbdvIXOWwtd6mNLOz1vqsy4XPdwcrwFSK2Nqr6Mfqfa_vbkgbbwnt32yx6v_vM8Tfwp_HWHFX9G--bYYcrrQdSHOU_a5DmimtcSNMNkS0_-DgWRPuzP-eEYUNse3aRVa66_HS8PscMRmfwlPO3rBy6fxcSJYAwwSwB_xovu4q2S-2cyPjev46XKiKXtD_CxlHCO6qh5ujHZBAEBhdvaEOdKtgI5Fg3skB0NNV5IqAfQdHaJ4bEB1oxulzIlKg_REn-WSci8ydYzcP26tC4x1noiON4u6yMb2HKXrnsnSrEmA30Jf4TL0dzJCBBh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC932jPK-uY4zmFM-7yAOn86TAA5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApsTXh3ds6Y-qAMBqgSGAk_QZERb0qwyInhUeVv5bqHlsPE0cdrRhnZSYw0nbMvF3CYfGfN9r6hn_5vDqaHf5UvWTyw2AUXQj9wP2C32YEk0mYX4X1p1-K_TrCqcoSAr1ysqLtusTv2xur-Tn0V071ja29OvOSB_xWcbuqettoCyfAo_1_Az9Q9udI2B3DnJpguFOxZZtciHl5HphoiEuw9p8VBhEBJNYB8neWkvg9-HC370Km2LNay1WNRoG8LHQhN0daQG7lug-2xywjxUYbOqig_FihVxMAUG3_DHXRhjEhm-bN4U41PBsXJk01Gvms78m7XXmGwIfva6NKgOOjyZLdv0QvaHYoKbsLMvxlLrfz0ic62ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LYo4aiz8En44CyGQs0zF9Ckkizw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:31 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 976E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3505480435714787&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9595 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
b5515b6dfb2178843273ccdf6a3b10dfe174803c893c35f145f5f003ede65675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49462
x-xss-protection
0
server
cafe
etag
9262302740436867078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:31 GMT
generate_204
tpc.googlesyndication.com/ Frame E8C2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QbruMA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 342B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-7O-kdizefw56MthCLEiByvWpNhOHRkxIWVOPHVGCPwUf7f6W54_97TrxNrA4oOC9krJPaxPG1FIQKBWSSVZks-pd&sig=Cg0ArKJSzNi33GxBumDdEAE&cid=CAASFeRo6UktY2B2Ez1rfs32ZI0Mv8BZpA&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672392508209&rpt=2125&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame 9595 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
0419ff85ff7d8b7c3cb2871e70a7dcc244a70f75bf52cd97686388eb5a547ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120017
x-xss-protection
0
server
cafe
etag
2664608634031528313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:28:31 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-44.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvMjAyM25pYW4tbmEteGllLXNhaS1zaGktemhpLWRlLXdvLW1lbi1xaS1kYWkuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvMjAyM25pYW4tbmEteGllLXNhaS1zaGktemhpLWRlLXdvLW1lbi1xaS1kYWkuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 30 Dec 2022 09:28:32 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=223
content-length
555
expires
Fri, 30 Dec 2022 10:28:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0FAF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
b2b9ce5a36ccba3ece4734fdb725fe8e855e5d68d70c099f6d0b3d4a0670d05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12437
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 9595 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9595 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8C90 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520749&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392511519&bpp=4&bdt=540&idt=410&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=7893217242726&frm=8&ife=1&pv=2&ga_vid=1872464899.1672392512&ga_sid=1672392512&ga_hid=1137247931&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166%2C31070202%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1047411241418837&tmod=1318328584&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.bl1gmrhpzn7f&fsb=1&dtd=426
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A9A4 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093737&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392511523&bpp=1&bdt=544&idt=432&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7893217242726&frm=8&ife=1&pv=1&ga_vid=1872464899.1672392512&ga_sid=1672392512&ga_hid=1137247931&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166%2C31070202%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1047411241418837&tmod=1318328584&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.oqzlz24tu6ic&fsb=1&dtd=437
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0FAF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9595 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
6cfe39c74341b5455de08039c07530b334ed13cefb147aad4be52441dfd66f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12476
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F787 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
3895941be098198e344eb6868c64f269b537129e505ddaaefa16e6e003c4327e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12516
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3C2E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
8237b57b351f0f3e002af54d1a14670227c1f9c4a32e7d7c34401311c9223a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12541
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
93b2423dc949960987fdf61c1b7211965585300e8aa9625460f8d8e97e30ed58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78627
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 30 Dec 2022 09:28:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9595 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F787 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3C2E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3978524261807149&bg=!HB-lH1vNAAYgquz3AKo7ACkAdvg8Wv59Hx88EzNuDNZmokwFfLc5IC-cm4ptOnZshD5CzYrp1d3ZOQIAAABdUgAAAAJoAQeZAsh6Iw4hoZMYUgrZc9Px6hep8A0ne7ni9faZ5YU68jOPzDRVz0rYSnftnZkbPZSX8xFjwEo8LpeXL0kNBuAx13pY67VIIaVUoYKE5fMv1VfQTSWLRcbrDlF551_GicqJ8xwSwsnYbuwsSMrPNIABXo80URYrj5f-N6lYkRoisNQEph-nH9hUX_cNDJZwt5xhaR848BhS6_Bd_5y1ShVdxl5X1TuNGvpMiy-jTk0Oj58z77OWH7DSZVFL-F8K2BZv2SV0XXTAfpSCzL35ZcKKWKYkL2pV_4rl361d701BVY3zPggezdhyZGgSmEE29TnVzHvHDPh18UEioXV3AtkuQs_Xzxnc8rullyuMlpubSYU3wT5yrMS2IHrqJhWkpZ03xvHB4AM3NhWdj3-N7d_HaAxeuPRxyA5DuDClARL7ZffTUzJ-LFxIJDpzJW2HY_A0eS4ptF5uIKEZh8BJGE_0GWjpaoy7jpN4btj2j1X7odna5djLzpj-TBsLZI4DzpZnYBRaybays1oGrHbjoDyDBTAxiw8CJzYhWXb0cXeycZOgmCkJfA_bVNpXJLYD2NCJe9OPoUl3KkXpTl82UzRKRGGoJ3Ah_wui3vY8tGYeVgYS9pPNJJLsEyB2U-tA372SANrjJEwh_fPKEjXjRJ7ihbtP6DcfiyFK-RIx-vDrBk53JhksUgWh3Cl696BgcJ1LOylWsaiFXF7-SQQerXZkDxwEiKgARpuNBHoWneMpkqEcFcGyIk_8yDWPuDXwJoMCkqZhNrdo3W520yaTtALVMhbR5_zC-jpy23d8DToFszrn2B0G0Xg-n9AhwxDtgPH9fMdLgN-2RhvhIM3mPUnLoPYdiqsxdn37ctLCJspQRz-_iuCfXitk2XIVy4eiUtmEgliCraCXUiOrgj8wvJQLjSbhn3m_GjdgDf5grJtJ_i5MqXIi3hNJJeFk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 29BE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
20568
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 03:45:44 GMT
expires
Sat, 30 Dec 2023 03:45:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3FFE 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
000caedef0ae798a564669089a3e54a5ea6aacc08d4a3f08da400128bbd1bcaf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m2jIgvaPYg-NgmO90NGJcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-m2jIgvaPYg-NgmO90NGJcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:32 GMT
expires
Fri, 30 Dec 2022 09:28:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D71 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
20569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 03:45:44 GMT
expires
Sat, 30 Dec 2023 03:45:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 42E3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
f5d0c763967dc8b98f8d986708451b127d638e27a801f2e5e6969e9f0a9cffb5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qMCAKd_IFo2A407a_k_Tbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-qMCAKd_IFo2A407a_k_Tbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:33 GMT
expires
Fri, 30 Dec 2022 09:28:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DB1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3505480435714787&bg=!h4SlhMDNAAYgquz3AKo7ACkAdvg8Wk7vsVj1xO4o-52dfrjygy2-_8aFaEcAxR9A1hUg175Ig_WfBwIAAABQUgAAAAJoAQcKALcavonhIpFs5D1K3u8GRE4f4qTF_qzg8k5Thznk4AVgLY5U3DHet5oNRTKeX9ng8zNhkjodorj-5x-_IYgpEqlzL_agQKQuwDcCnfWpfrkNts8IhooQxKCTFmnRLmVQiHmyHfVp1iYcBHLcmE4gMyniQ3q31K8w3h1wOZWVOUjjq-eGYAH35XZFfZe4MAZhp-Ww8aUXLfI5BPOwgBAYngug6TvUdZFTavYDJvSTbh1hwM_U1a915ayZAr3r46k4S-_WG3PQwplpQzwHtoQQOu3U0ouubs2kpwipMU1u5RC6ebGYsDt9RqEltKtxSQArmWx2veIcx9Z7E-wcaftTg65gzPTH-sdYgakYAZd6q5vQhXpYOmptJJH3qhEOHylGSeAu8CJK-Y_Nzh1t365Ie_lPXaXh3juh_oMX2cDak8qYDSq0GKXNG64v9bHy_sF1EchclxVg0WoNx1o9ilc_C2cnPJdKlq196mXC_0hUiX0NqkZEwBXRhQzuuFmQHtkA-QvBc-LvoJinV0ghDzjqVLz9NX-um6ytZSnH1ZKCnXEP1Lk4lSZUOpZObpmmYZpem5ptbGaMysm4Cfqdr2Pa1rs0qSqUiQbMBlmpX1R3UokCTY9N0rhDnOOF5L5B4V0eUr5iKNxqwaoESYwUqXMkJPbLeHmCSVxE1PBcY6ZtKdcWcI9MQE-Vf77vpsA8R_3_nThRYp5N585Pwau-UTWjuvSJSm9mdLa6l4sd9FfdziYqCs6BqfYSFiEmpOYLD09aFSBs3sqH8aq7t2ZLf3hSgsYSC1X2yAyE_9aA26G4zoHnNaQu7gIlVLoOdrI0wIe-cOVXRlNtDHitAmWycZh2PSrrH4eP4XOJBXY8gehqhsDk5H0c-3Hu9-ZGSpgVlkZmZsyp_Js4CPXjJCrcrJXcrF-SoZ4EIjqW7AXlKp8RtbEoGkzec7_yqHRe_1FwEevEjZ_N0U52raFD0JCnXennLK-iojN1aMgWZUuzDmvOnF8C-I6k4C1nhMrwK5QKuvIqn79PLaW_FBJ88LXNsudq02yoRIudjNvciSN7GD3DfE19z_eeSW40dGzb2bTgwbi8LEDH2Fg1qI1qfbY9Kke8ldP0VK3-2ROihgO17lGMzf0LXiuTqZ4icXQ3wte7K6un0SHLXrr4502sMTjsxQ_3MsFcSH64iIyI7g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3FFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1047411241418837&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 29BE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 42E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1659567851031227&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 4D71 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 29BE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dA1Fdw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4D71 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TmCvcw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8yMDIzbmlhbi1uYS14aWUtc2FpLXNoaS16aGktZGUtd28tbWVuLXFpLWRhaS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJmYzU0ZGY3ZS1kZThhLTQzM2EtODQxMS0yOWJiNzQzYzVkYmQiLCJ0aW1lT2ZBdWN0aW9uIjoxNjcyMzkyNTEwNjI3LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJmYzU0ZGY3ZS1kZThhLTQzM2EtODQxMS0yOWJiNzQzYzVkYmQiLCJ0aW1lT2ZBdWN0aW9uIjoxNjcyMzkyNTEwNjI3LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZmM1NGRmN2UtZGU4YS00MzNhLTg0MTEtMjliYjc0M2M1ZGJkIiwidGltZU9mQXVjdGlvbiI6MTY3MjM5MjUxMDYyNywiYmlkcyI6W3siY3BtIjowLjA5LCJhZElkIjoiODJjOTgzMDY2NTgzY2RkIiwib3JpZ2luYWxDcG0iOjAuMDksImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwODk5OTk5OTk5OTk5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjU0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY3MjM5MjUxMTMxOX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODJjOTgzMDY2NTgzY2RkIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA4OTk5OTk5OTk5OTk5OTk5fV19&c_b=11925.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		72 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2647320976429856&correlator=225743998887392&eid=31071294%2C44761477%2C31070232%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=2&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.09%26hb_ap_adid%3D82c983066583cdd%26hb_ap_bidder%3Dix%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&arp=1&abxe=1&dt=1672392513660&lmt=1672392513&dlt=1672392503146&idt=8226&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=530218868.1672392506&ga_sid=1672392506&ga_hid=272360328&ga_fc=false&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a6ceb75a24dbdacd2ec2ba6e7334aab8eb2e0620cb2bb31eb35e36c2209a76d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16640
x-xss-protection
0
google-lineitem-id
5221734848,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294149004,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E94 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:33 GMT
expires
Sat, 30 Dec 2023 09:28:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 09:28:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7120 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
20569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 03:45:44 GMT
expires
Sat, 30 Dec 2023 03:45:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4328 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
0b9f23e5756cae289fe5cba515bb0b0b822452eae958bb986a9417dc694bedd9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1EKhPUuCSVdqWwIjBHWUSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-1EKhPUuCSVdqWwIjBHWUSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:33 GMT
expires
Fri, 30 Dec 2022 09:28:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:45:09 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2606
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
xFDlz9vfgxT01EsidJOUYOf0_YMUHOAzdpPDDxAmrT3gnNc_WPl3Ng==
sodar
pagead2.googlesyndication.com/pagead/ Frame 4328 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3742373109198497&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 7120 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 09:28:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7BC7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
20570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 03:45:44 GMT
expires
Sat, 30 Dec 2023 03:45:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A45D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
GSE /
Resource Hash
a516a10c04cc6af4b6e7bdbd553cc303c6b9ad296053cca91ae848ca920edfde
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ATEWUluR7-Kk_Y7payKepw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ATEWUluR7-Kk_Y7payKepw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:34 GMT
expires
Fri, 30 Dec 2022 09:28:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 4311 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiebSduMSU4IVVrrs5C4R5hUrzLjzyPElp0PABnJ4KGbihzTeEajnkcjwNSbS1OAjBqy_SKNACiIM85zAcfqg1hHPL0QFObiX1pmSRMKpJNf8FyfSzzVLwAW5A7bGtrkFYF_4RC6p2LuQKgkPqpYsHeu_G0xyxHYFsCbuAwaecrReSU79McyBKFfquqK-r7IYSmrkeA1x-SH3KOwiSRxOWucBhjgv3X18dyYGAVkiGkN5geNLBfyUmN-NLZXn9hAbGKmsly7pbORIx_DmWsmI9b2MLh2-nIzZoDpuqGasVaajszj7A9iAoDxHu&sai=AMfl-YSvN-dl8pmvdzPkfvn2cUKI2SqtyGDzxsYO6OFIetraelq3IBj-s3Y3pw2V4C-DimRbTaJjLcxXlu6hocK_UVty09ZD07ja_7ldgLRGRfU_FJiAjw04T48op0pX2JS3qg&sig=Cg0ArKJSzC2-vmDNm2lXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
script.js
d2849lw36e7cot.cloudfront.net/ Frame 4311 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2849lw36e7cot.cloudfront.net/script.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.70.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-70-32.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d22d20359a1bd2eedcc24894c0af70b70e9cb4afae92b519b1d4447f1a478094

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
29yz4leK91yg3Rm3h9BpJrtAU6yaEJ5W
content-encoding
gzip
via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
date
Fri, 30 Dec 2022 09:23:31 GMT
last-modified
Thu, 29 Dec 2022 16:38:33 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
304
etag
W/"e9b47fba728d3162aec8317ebd45dbaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
Zrl0S5rH_flahphFxcmUvR26RmFF5IlBgd1VJucNgj1a6eIEIcbF0A==
v1
a5317.casalemedia.com/impression/ Frame 4311 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5317.casalemedia.com/impression/v1?bidID=d2f0e965-10aa-4bb2-b422-88c662111546&traceID=cenaufp0of69ov8rfghg&dspID=85&userID=Y66vPTF3RFEf8C0cBH4YgwAA&cmpro=4735&deviceType=2&expiryTime=1672393111&siteID=693656&creativeID=17e3486&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.86.127 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:35 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4311 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-B7M5Uua7ouht1Xfqp896JjLsy6JIjWXo3tvi6BuxwAmERWL8Cb2ddZWyEi3LXR7mrLqMR3gV9eS_pdGDlCL5zurvelsw&pr=13:Y66vPwAAAAChdgz2Ihetm__cxYmGuXZyQReA9Q
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 4311 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:30:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3499
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3003
x-xss-protection
0
server
cafe
etag
2660866305706646737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 09:30:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4311 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:35 GMT
container.html
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 32C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:33 GMT
expires
Sat, 30 Dec 2023 09:28:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E74 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:33 GMT
expires
Sat, 30 Dec 2023 09:28:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8yMDIzbmlhbi1uYS14aWUtc2FpLXNoaS16aGktZGUtd28tbWVuLXFpLWRhaS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYzc3ZjM1NTQtMDZlYS00YWE3LTljMDctMmQyYTBiNTFkM2YyIiwiYmlkcyI6W3siYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA4OTk5OTk5OTk5OTk5OTk5LCJyZXNwb25zZVRpbWUiOjY1NCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiaXgiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA4OTk5OTk5OTk5OTk5OTk5LCJ3aW5uZXJBZFVuaXRJZCI6IjgyYzk4MzA2NjU4M2NkZCIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiJmYzU0ZGY3ZS1kZThhLTQzM2EtODQxMS0yOWJiNzQzYzVkYmQiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MX0%3D&c_b=12725.29999923706
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
generate_204
tpc.googlesyndication.com/ Frame 7120 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?12bTKA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=272360328&cid=530218868.1672392506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672392514&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&dt=2023%E5%B9%B4%EF%BC%8C%E5%93%AA%E4%BA%9B%E8%B3%BD%E4%BA%8B%E5%80%BC%E5%BE%97%E6%88%91%E5%80%91%E6%9C%9F%E5%BE%85%EF%BC%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A45D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1892013495938508&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 7BC7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
0de3566013914383836dcf943517c81f_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221214/ Frame 2BCA 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221214/0de3566013914383836dcf943517c81f_cpn_336x280_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
5b0570558c1b63c5569392865cad79234d882182c6b8c7da8e4abfe09ac6c7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 14 Dec 2022 10:42:46 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6399a8a6-f547"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
62791
expires
Mon, 25 Dec 2023 09:28:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 32C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsLPQQa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSqAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ75hZ18BW3SbsYPaxXAmlrGgdJqqKNBqiVq8m-772cmfclnnpAcbjgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=eau9mB2HiqA&uach_m=[UACH]&cid=CAQSPADq26N9Mmt9BqRXknWDgpjBBMj_dsqhvKWaGAU7KpPgz2P_UhiIGzfAZgYyIzkj36yIYNGgj6FWZhjc5RgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 32C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kcCCDf_1BtgFWmL4LRICAAAA-ONZtFtuTcOupkbjEEGvrmODJa8lUajccFEn9AASAAA&wp=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
160783
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 3AAC 		112 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
47f85bda31018208bf8a639dfaa5a2720a7190ea62dab4dfaaf4c1708c244e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:35 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=5_VCYnqK3Sru1nCyLIjKpPeGh645yO4wtD7ckfHG2bn0ZfddB47nbneks3mbHhUREmCdk0vKoU5GiYY8vSCZbdcNb4f1w2-xIc_d7OM-FwlOKKRMMYd3C_sj1YSQDBr2hmH6B0OzvcHfQIrMAB2gCJuk4V4vadrJfpTobNqSdprCs4yvG4-xIShSevNeg0JLRCjkkzqTT0z7wx59gbwlwIzSWp83CoyCGJUIlyaa0Wlo6Sy8YGz_VgU6_M03R75XEppolA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
42487421
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 32C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 449D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
84417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 10:01:38 GMT
etag
48472445140208031
expires
Fri, 30 Dec 2022 10:01:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 32C9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
l
www.google.com/ads/measurement/ Frame 32C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc0Prf2--oxyYgqM8_TPksOLl4OPIs6NQ1rrunzaAhGGLPzl-YKwq9aF7KEznP-VckEM1_HZzCK-u8fNAVFB6ePP_O5Q
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 32C9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 05:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
272744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Dec 2023 05:42:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 32C9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8E74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXbHCQa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSrAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVHK_skioScESyJtDITgDk25gcqiz4iDkH8P6DqOx3sHVd_syHdcT4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=_2N6WPVI4LM&uach_m=[UACH]&cid=CAQSPADq26N9Mmt9BqRXknWDgpjBBMj_dsqhvKWaGAU7KpPgz2P_UhiIGzfAZgYyIzkj36yIYNGgj6FWZhjc5RgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 8E74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kcCCDfn1BnjYBGL4LRICAAAA-ONZtFtuTcOupkbjEEGvrmOVaK9528tlqGC7eQASAAA&wp=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
182101
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 2754 		138 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0b9d0c6d02bb1fb859faa94cea216ca72714c776865d9c735cc93df5aafae3f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=d5sQ_3qK3Sru1nCylTliGZF0ylHA85t0lgQ6eWMTc3wUV9bX0DHpWdPUDrGdzlBDJWby7ycvx11yZGtzNs5V5ejmNGCKsoxEcC0egJ-guctX5Nayc4XMWgQcCBTVlmKDAJJ1iLcuhmSFu5oapD1uTj_b7tYtc2XnHsQsVzGbR4pvsnhLythKWdTuvsAh8saE0KoBc9hYISOdLCufpyocU7npla09MIpKQPXcq3o0Yr1p0rcFiWlSAQd-MQNFDCVe_4lVoQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
69700066
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8E74 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 980F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
84417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 10:01:38 GMT
etag
48472445140208031
expires
Fri, 30 Dec 2022 10:01:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8E74 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Jan 2023 08:10:31 GMT
l
www.google.com/ads/measurement/ Frame 8E74 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgW3ITNw3ERjs_owETO2IjXeImBWEdzXgV27ocLZ9lbR7GFfCIVGrlJaU6WuizIYs_O6kXjd1TYf58MWzTqZwl0-kSWg
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8E74 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 05:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
272744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Dec 2023 05:42:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E74 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:35 GMT
pixel;r=1988659829;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uh...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1988659829;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1088104555-1672392513861;pbc=99480f46-7ced-4cc2-b2ef-40c0424042a4;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1672392515079;tzo=0;ogl=;ses=a2c57ec2-d8c2-4eeb-b236-529bdf42fc68
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7BC7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?d8LdZg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
cm.g.doubleclick.net/ Frame 449D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECrt47MbFZ4VfWNTSoTyq_g&google_cver=1&google_push=AavPq0Ns2wXY0MUMdLR6jBp1GR9bf_Eiri9adRQKaYDlLZ9PvtGUsNWr1wpLPlt196k7bOSQIw28NPw0quc8oQ_p...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0Ns2wXY0MUMdLR6jBp1GR9bf_Eiri9adRQKaYDlLZ9PvtGUsNWr1wpLPlt196k7bOSQIw28NPw0quc8oQ_pSI_SSKrwhPdwinSFvLeNoqEaP1CWhd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0Ns2wXY0MUMdLR6jBp1GR9bf_Eiri9adRQKaYDlLZ9PvtGUsNWr1wpLPlt196k7bOSQIw28NPw0quc8oQ_pSI_SSKrwhPdwinSFvLeNoqEaP1CWhdca7pPdh13a62rEJR_eEPVHgKqGDg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Dec 2022 09:28:36 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0Ns2wXY0MUMdLR6jBp1GR9bf_Eiri9adRQKaYDlLZ9PvtGUsNWr1wpLPlt196k7bOSQIw28NPw0quc8oQ_pSI_SSKrwhPdwinSFvLeNoqEaP1CWhdca7pPdh13a62rEJR_eEPVHgKqGDg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:35 GMT
i.match
s.tribalfusion.com/z/ Frame 449D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDxZZph1w4xVSER-W93wqs0&google_cver=1&google_push=AavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxZZph1w4xVSER-W93wqs0&google_cver=1&google_push=AavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEp...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxZZph1w4xVSER-W93wqs0&google_cver=1&google_push=AavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7819bf08a8841c56-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
277
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxZZph1w4xVSER-W93wqs0&google_cver=1&google_push=AavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0McCLgbC_iJJ_-zcByq13syu0IBCsKwHihYMjPYxCZtzU6MUURCj8TuQ3eJhKbQFQyELV8m0mCGd6K9V_4dlcr2OuVJUEpE6gtFDhXVgwd7pknwD7IxevAIvrfR2nNJk5kynnCuIoz0Bw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7819bf06cee31c56-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 449D 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFPyrJHdKlXoPZJp3ENbgFM&google_cver=1&google_push=AavPq0P2aQLbPZ7QkJEg27jC_zsjB-WYh3hrOpOLWmlpnONj4bhSMpp5HLgbpeTrT2D8LGRU0up9aPFo9UrFUOEY6xNbIuyZNpea5Fh-gp2omrHJDW1PzzIxrM85N4RctydpxlVZIdJqcD7U
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 449D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWoo9Wpkm_iGz_RDxU00Qw&google_cver=1&google_push=AavPq0OxcRdTW1htC43OXAFW8dga74mwekM8Emmn01krNN3LgRdO4VdRJ-nbDBNxbsBw6vtDriBVR802iBSjclVUpDhy...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d843f2c-c6f7-4311-a7de-e85a87b69e25&ssp=google&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524630856467605591&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524630856467605591&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=55fe6a3e-3974-4bc6-9844-040055253860&ssp=google&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524630856467605591&ssp=google&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209030804381002976900&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524630856467605591&ssp=google&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr&google_hm=LYQ_LMb3QxGn3uhah7aeJQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr&google_hm=LYQ_LMb3QxGn3uhah7aeJQ==
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 449D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKbLq...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5MDk0NDE2MTgyMzUwMTE0Mw&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5MDk0NDE2MTgyMzUwMTE0Mw&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKbLqh7SHBItnrQOCyzYZpdxA46L9nkhIcmi3LcfZoMfK5tPF81vlleIpb1q-_qbYOo7oSA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5MDk0NDE2MTgyMzUwMTE0Mw&google_push=AavPq0OnvF5KsVgeSkZb2V-J9pKZaABh-WWuAmlfhQVCes49Ygf8ssxoJ-Oo7qY1RpV8D-sjqI6gKbLqh7SHBItnrQOCyzYZpdxA46L9nkhIcmi3LcfZoMfK5tPF81vlleIpb1q-_qbYOo7oSA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 449D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGN8S8CDglAcgFZ24mTm-i0&google_cver=1&google_push=AavPq0PR8lp3yQx-eMob-wny9VK-q56JRS3RWACBul0rFUWaaMmzg9M6XJAXRgRFgNEPRam506lzWXhlr_5rFi0...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IFDNZVgrTI5jDdU-QSuc2HRaSsQ&google_push=AavPq0PR8lp3yQx-eMob-wny9VK-q56JRS3RWACBul0rFUWaaMmzg9M6XJAXRgRFgNEPRam506lzWXhlr_5rFi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IFDNZVgrTI5jDdU-QSuc2HRaSsQ&google_push=AavPq0PR8lp3yQx-eMob-wny9VK-q56JRS3RWACBul0rFUWaaMmzg9M6XJAXRgRFgNEPRam506lzWXhlr_5rFi0PqzvEju2vnWP_n8wVn7IIdLlOfzWye7lEWnKPAYPxrJyo1j9M68lMksZ17w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IFDNZVgrTI5jDdU-QSuc2HRaSsQ&google_push=AavPq0PR8lp3yQx-eMob-wny9VK-q56JRS3RWACBul0rFUWaaMmzg9M6XJAXRgRFgNEPRam506lzWXhlr_5rFi0PqzvEju2vnWP_n8wVn7IIdLlOfzWye7lEWnKPAYPxrJyo1j9M68lMksZ17w
Date
Fri, 30 Dec 2022 09:28:36 GMT
Connection
keep-alive
Content-Length
288
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 449D
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLA...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHvACWCUWlSFiqxC715cdd0%26google_cver%3D1%26google_push%3DAavPq0N5CR6AlTqgV37D0p...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4306154470455869931&exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQzMDYxNTQ0NzA0NTU4Njk5MzE&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQzMDYxNTQ0NzA0NTU4Njk5MzE&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLANmZvOJgZ1n84npY0AFyl5Z7JXqLEva2SLtEWTQvUvN_HjaG3asYGcVk-0-lN_S5W2FY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQzMDYxNTQ0NzA0NTU4Njk5MzE&google_push=AavPq0N5CR6AlTqgV37D0pXnKJEnDKJP3QY-sukvBSlvWCU7-lQ9O3zOuErV-PVoJHmC9f7EPb5qRJLANmZvOJgZ1n84npY0AFyl5Z7JXqLEva2SLtEWTQvUvN_HjaG3asYGcVk-0-lN_S5W2FY
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 449D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL2wqGZRcSKzG_hku10IoBcZ-IwrX3ym_DPEEmgB1Hyb9P5lyx7Ki4YWL0_bwUn2Pe2nVs5Q
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3AAC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3AAC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3AAC 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Dec 2023 09:28:35 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3AAC 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Dec 2023 09:28:35 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 3AAC 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Tk1NRnZdmofATVl_-52ExGMWOCa0-MSvZcaqAGkG25ufBUxdpJ5AxdvyaXQwnuDhUFBSDBk1O1vdRRT_ybvon88Tg2GICF4uXR35AWrEePvsBSIScLe2_08viShi5kWWl9KPLRz_4txMXq1hj4-8ACrAbD4Y33Yp4m3k7FKXVIe8zOrEGyDJuewleoQHvBVEWwnzcUSqdo21fcnixHhAiDZlKvXb7gcUGf6EwqQB3tzq3soIQNqSFUKqSITwDRUBSwgsua9HivnOfzmDWAr7DL3Odl2FLFkeM05ue_4HkpMGsDizPCdZA4l6GxQnYVt7IEQcAVTEhqg7rp6Q9T6dgGL5W9KLwfBiikroNjBBYjOxfCIG_oBuRcMEXnkbyOAQ2pEjTxC0EztydVtZ3LbjFjWSk2-zxV2qt99Q73IX_hx1VUutPbKZg0KHP2vQnxdxD3MMOA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2229849
expires
Mon, 26 Jul 1997 05:00:00 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 3AAC 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 3AAC 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECrt47MbFZ4VfWNTSoTyq_g&google_cver=1&google_push=AavPq0P_O2p21hOWdS6G8mKaVLC5w9umTUlu8yu7k7nFbIZTkDnI4k2HZ__0Z8s50q-KK82pczvt8nwKNl5neiRr...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P_O2p21hOWdS6G8mKaVLC5w9umTUlu8yu7k7nFbIZTkDnI4k2HZ__0Z8s50q-KK82pczvt8nwKNl5neiRrlThJyEeEoPAISi9T4aTe3py_n7upl5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P_O2p21hOWdS6G8mKaVLC5w9umTUlu8yu7k7nFbIZTkDnI4k2HZ__0Z8s50q-KK82pczvt8nwKNl5neiRrlThJyEeEoPAISi9T4aTe3py_n7upl5H4e7O1E1Mo-jdeUr88TKIT5ZQ
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 30 Dec 2022 09:28:36 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P_O2p21hOWdS6G8mKaVLC5w9umTUlu8yu7k7nFbIZTkDnI4k2HZ__0Z8s50q-KK82pczvt8nwKNl5neiRrlThJyEeEoPAISi9T4aTe3py_n7upl5H4e7O1E1Mo-jdeUr88TKIT5ZQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:35 GMT
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEODyR4GXST1JV3X993dpea0&google_cver=1&google_push=AavPq0PSIrQHsGL0ut_DFokUOFYNSvTIpYgrMwXsIbaHoMKfnCxjDSyIYqpRk0kWiqKXPvjDcno_quVDalK0xWqP5iXXCfeN...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0PSIrQHsGL0ut_DFokUOFYNSvTIpYgrMwXsIbaHoMKfnCxjDSyIYqpRk0kWiqKXPvjDcno_quVDalK0xWqP5iXXCfeNDsyroWYldnk5PPeRA1bGV7O2ZXhU3BsZBH2g3e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0PSIrQHsGL0ut_DFokUOFYNSvTIpYgrMwXsIbaHoMKfnCxjDSyIYqpRk0kWiqKXPvjDcno_quVDalK0xWqP5iXXCfeNDsyroWYldnk5PPeRA1bGV7O2ZXhU3BsZBH2g3ezTxA0heefu
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0PSIrQHsGL0ut_DFokUOFYNSvTIpYgrMwXsIbaHoMKfnCxjDSyIYqpRk0kWiqKXPvjDcno_quVDalK0xWqP5iXXCfeNDsyroWYldnk5PPeRA1bGV7O2ZXhU3BsZBH2g3ezTxA0heefu
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWoo9Wpkm_iGz_RDxU00Qw&google_cver=1&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsK...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr&google_hm=LYQ_LMb3QxGn3uhah7aeJQ==
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MRm_zu53sghBt3pI0y-zfcXLamqthJbAmRL0EBsACEQOVzfvDOsqzKqJyoOdbw3jwNWutrZTHTH7jTsPTAgBsKBOqquVf49UvDYGX36l4lWLWLAyxpmhG5-DvBZkq-kT9Xezvtg8tr&google_hm=LYQ_LMb3QxGn3uhah7aeJQ==
Date
Fri, 30 Dec 2022 09:28:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP3OHHNwOwOd_b5ucdANEIs&google_cver=1&google_push=AavPq0MkqggKPhDZ1VGozLQHMmE7-QZ5HW5DeKMCcLabzk8SBu13rz9KJ6l7T4eV6y8D7zIrrYI0sq5NRIojqswC107UWuQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MkqggKPhDZ1VGozLQHMmE7-QZ5HW5DeKMCcLabzk8SBu13rz9KJ6l7T4eV6y8D7zIrrYI0sq5NRIojqswC107UWuQ52L6um-2sv7-UJfIKuQ5oCsMjqYiJfgySDlFMN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MkqggKPhDZ1VGozLQHMmE7-QZ5HW5DeKMCcLabzk8SBu13rz9KJ6l7T4eV6y8D7zIrrYI0sq5NRIojqswC107UWuQ52L6um-2sv7-UJfIKuQ5oCsMjqYiJfgySDlFMN_U17VidwqJ_&google_hm=eS1WcjZEUlNCRTJwRzlyT2pMNWRuWklfTkJGRTNDNGlYYn5B
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MkqggKPhDZ1VGozLQHMmE7-QZ5HW5DeKMCcLabzk8SBu13rz9KJ6l7T4eV6y8D7zIrrYI0sq5NRIojqswC107UWuQ52L6um-2sv7-UJfIKuQ5oCsMjqYiJfgySDlFMN_U17VidwqJ_&google_hm=eS1WcjZEUlNCRTJwRzlyT2pMNWRuWklfTkJGRTNDNGlYYn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9UN4...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBXBCIiVPjeQ0NCvwN_qYLk&google_cver=1&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_r...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcyMDkwODM0OTY0MTMxMDI1MQ&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcyMDkwODM0OTY0MTMxMDI1MQ&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9UN4KOAyEaKOZoEniHNu6atTllgj9gqWzsOaVy40JGWyQoDS42TeyU4H3kpunDhXGkQ
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcyMDkwODM0OTY0MTMxMDI1MQ&google_push=AavPq0OGFHgne4vR7Ni2LjuqTvdRXMF5b-7UiuFZcQpgTp53JDTUfE5sH0bombc331rLoo7Dr_ri9UN4KOAyEaKOZoEniHNu6atTllgj9gqWzsOaVy40JGWyQoDS42TeyU4H3kpunDhXGkQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGN8S8CDglAcgFZ24mTm-i0&google_cver=1&google_push=AavPq0PKvHD4exuxt2mivA8ilpoURMtzN2kKMPxUVXyWShZQK-hJVUQRZ0Xfvtsvva69-kHdFUY1sHw0Dy5g7sw...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=gcsvoJ9XRD10C8jnXKRPPXRaSsQ&google_push=AavPq0PKvHD4exuxt2mivA8ilpoURMtzN2kKMPxUVXyWShZQK-hJVUQRZ0Xfvtsvva69-kHdFUY1sHw0Dy5g7s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=gcsvoJ9XRD10C8jnXKRPPXRaSsQ&google_push=AavPq0PKvHD4exuxt2mivA8ilpoURMtzN2kKMPxUVXyWShZQK-hJVUQRZ0Xfvtsvva69-kHdFUY1sHw0Dy5g7sw_L7UZsIUEz5QSBrbHd4jxGpxxKs_sHDTCX6trDosE15u3aZfXjSLtwd6v
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=gcsvoJ9XRD10C8jnXKRPPXRaSsQ&google_push=AavPq0PKvHD4exuxt2mivA8ilpoURMtzN2kKMPxUVXyWShZQK-hJVUQRZ0Xfvtsvva69-kHdFUY1sHw0Dy5g7sw_L7UZsIUEz5QSBrbHd4jxGpxxKs_sHDTCX6trDosE15u3aZfXjSLtwd6v
Date
Fri, 30 Dec 2022 09:28:36 GMT
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 980F
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHvACWCUWlSFiqxC715cdd0%26google_cver%3D1%26google_push%3DAavPq0O9eZmQfmNeklj9L1...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A256220992459480452&exchange=193&google_gid=CAESEHvACWCUWlSFiqxC715cdd0&google_cver=1&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1NjIyMDk5MjQ1OTQ4MDQ1Mg&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1NjIyMDk5MjQ1OTQ4MDQ1Mg&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3_K0FXX7wy4v7pLL_gwNbDpj8hd0wGA24U8XtGHnM0RVgUFl_Tc5hfiZJ7HbiEwl4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTI1NjIyMDk5MjQ1OTQ4MDQ1Mg&google_push=AavPq0O9eZmQfmNeklj9L1-AIgRJ-RnhtS9oVpmqO1vRTfswqWze-PkkLiZ-khTs9PIfmI4ax9XBE-e3_K0FXX7wy4v7pLL_gwNbDpj8hd0wGA24U8XtGHnM0RVgUFl_Tc5hfiZJ7HbiEwl4
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 980F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJjCfNJZfbKvuyu64VEYb_72WFEfDPIf-AFXfNg1XfXGUbOfsp8gsQaLVuxfLLZlzi6XmJFA
Requested by
Host: 5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
URL: https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame 3AAC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
truncated
/ Frame 32C9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d505b15037ec2ceb81a50b2751823257fef912bd6a93856316cc9b23bdea8e2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
img
pix.as.criteo.net/img/ Frame 3AAC 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=176&m=0&partner=70489&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F70489%2F200408%2F3c09cdfc5e5e455b8f2fd075602a8b8a_square.png&v=3&w=256&s=dKnJBhi6RZfDZi1ITzcUSxTr
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8c4591f30d7246bfd1500c5cf596cfea1655e616493cda06332b14f8fa858e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27973799
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18195
expires
Sun, 19 Nov 2023 03:58:35 GMT
img
pix.as.criteo.net/img/ Frame 3AAC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F0%2F4%2F046aeb250bfd2f0a2b5dce96f39de4d3.jpeg&v=3&w=400&s=hE67l2jwVaODRVy1AXL6UBqE&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
1ddaede6386d419531afbca8ca32f35d9147d29bbde13d6500052dd257439bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29498469
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3298
expires
Wed, 06 Dec 2023 19:29:45 GMT
img
pix.as.criteo.net/img/ Frame 3AAC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22277-alton-slim-tallboy-6-drawers-oak_2_.jpg&v=3&w=400&s=TsQleWrHYPFtg-WYNj95mCNp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6b8862dc9f13243471e6dd36bbd7a276923489380c582a4076cf2e8619cdf8ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27799782
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3852
expires
Fri, 17 Nov 2023 03:38:17 GMT
img
pix.as.criteo.net/img/ Frame 3AAC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F2%2Fb2c4a9a6e422bc453fb042db22ed614d.jpeg&v=3&w=400&s=SzJ_raUqKgU3_h1tQYHenqWF&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
34a61bea7b2e652683aa0fa36f75f6952ddcfd011af0a391fb9343dfdfddd43c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30249647
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4054
expires
Fri, 15 Dec 2023 12:09:22 GMT
all
csm.as.criteo.net/ Frame 3AAC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=5_VCYnqK3Sru1nCyLIjKpPeGh645yO4wtD7ckfHG2bn0ZfddB47nbneks3mbHhUREmCdk0vKoU5GiYY8vSCZbdcNb4f1w2-xIc_d7OM-FwlOKKRMMYd3C_sj1YSQDBr2hmH6B0OzvcHfQIrMAB2gCJuk4V4vadrJfpTobNqSdprCs4yvG4-xIShSevNeg0JLRCjkkzqTT0z7wx59gbwlwIzSWp83CoyCGJUIlyaa0Wlo6Sy8YGz_VgU6_M03R75XEppolA&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:34 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3AAC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3AAC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2754 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 2754 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2754 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Dec 2023 09:28:35 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2754 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Dec 2023 09:28:35 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 2754 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=I97YZX-1LfqwuheEw9L6HC0Ic3PzL-16Jvw4SYOX7No09lGgeyr1BnQUordzPDli7vHvVvMo5AArDprwyUI8N-BmuVN6YztKjq8sYEFALMXoT3fIRM0Nyhs1qj7J1xey1hMc5tfWAXz-12FkN0hx-vJpFHfMoJ70-YaOSFuc-W0VekVEw7aLts6tBFMs28Cg98YnxpRGdneTMj-1oU3xxi_pI7k28vQHGgs_JogOP-H5z1d5m99dBqmLFG90PzCO81QFIOKM_juUD53r8uLi3ZQzBifXp64kfb3CFAwQ0rBfzUTQUOzy-WWw55MF8wBS3-J6Os4xiAhkYCiw36JIgFIorGot_n80Sr-5C9UZGvo6iUI7r2lKev3ba_Y_NlwBASB31dNBTFDD7MfxE9fc_ofYg0mzDGhAoUCf7UGTvNEaUVftTF3RfU_di0KquEmYmuW_Nw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1717479
expires
Mon, 26 Jul 1997 05:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 30 Dec 2022 09:28:35 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 4311 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Dec 2022 09:28:36 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adfetch
googleads.g.doubleclick.net/pagead/ Frame D372 		83 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
b27eee9973b430ad5c1a2036da6ec0baca4b5a136c0f73cc5633c2ca62e72034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33034
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 5C8A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb4dcd53084c57f432aa2286091df8ce527a30e35411f8b4c6af9819627e4ba

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7819bf05edba1c54-AKL
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 09:28:35 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F23OAt9lOn1czF7PU3T9%2BTQldFAzFFE9y6wOgVneXOlE1%2FlIT%2Fk8emSqi6%2BPo02Uuc5iBBX8Sg0whKuPdCMETD157uysTgkW3e1CkEK3PbofxRXPWVgZFnbz8qNsnKZfWxoKf0fyJ6qGSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 4311 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9CN1cVgocxxNuwyW0lBNdgmIgh6ntzCpk6nkzOtW6tH5Zzoh31YA-_ncTCvBL3U7xstwlMUdZ7Zw47ezYi0csdv0p7caipXCxw05SuNcoZFSFsQ9KU01VQzFTIfJuEWAx3j3-N2kJxg1qi4Oz808KvOchI2vOuSQmjD163B4h6_xaqFMJgejmFLw3LwZM-0fWF_GjJURnaIpid1QUiJEwMjNVM9ZOzLXBc8ytvAU68Wi9FWF6HnWXB6BcYMEUVjsojhc8j7P942uUSkFJojwrEW443WsT5LfNb_L3DRjrDvcdx8fpLYZwce3pAr8&sai=AMfl-YT5agiqc8QoD8SKo85te9qTamcRj5iG0txLaphWiURGEsGFU7NwyoxzFBw4QYlTnXH4JrbH3XygHa8eMQDjQRsQfk0W2iaSSgJHYwBmzv_FfkayBwI9YZoKTMxG4HD7Yg&sig=Cg0ArKJSzI5RXrZclwMKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 30 Dec 2022 09:28:35 GMT
truncated
/ Frame 4311 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11475796970cdcb6865f665aa75f08abed5210055911d0ab4d9b02757df2e27e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2754 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
734750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoNYlcaWBKqF0HPN2TddW4b0Yzs%2FWNb7qqGYM4RME2lIEvXIlALY%2BfBbW%2B8HbCM%2F4sZO7RRw9JOoriVXKNOzbiU2uTlDjmURYTwaSy6eSfz7WAhrRn1KcwSoyNEZ%2FAHBTcMrVaMd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7819bf083d7ea865-SYD
expires
Wed, 20 Dec 2023 09:28:35 GMT
animejs.js
static.criteo.net/animejs/ Frame 2754 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
img
pix.as.criteo.net/img/ Frame 2754 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=70489&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F70489%2F200408%2F3c09cdfc5e5e455b8f2fd075602a8b8a_square.png&v=3&w=236&s=v5a5a-1Ho6-hAiLBwSvzQ4YQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
db49cd0a9525be37293bbec39406b757d336b4c995b121ab09494a39407721aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27973799
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13964
expires
Sun, 19 Nov 2023 03:58:35 GMT
img
pix.as.criteo.net/img/ Frame 2754 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F0%2F4%2F046aeb250bfd2f0a2b5dce96f39de4d3.jpeg&v=3&w=800&s=39otsjDCphHoLThJk5Ou-3aB&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3deaf0ec138de1c006d3f0800bfcd4f73884482a843d8ff5656210a44216a953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29498469
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8214
expires
Wed, 06 Dec 2023 19:29:45 GMT
img
pix.as.criteo.net/img/ Frame 2754 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F83053cf0d40dcf26b8265457a64bc6ce.jpeg&v=3&w=800&s=X7TVQpYUfWOIIn05zBiv0YQT&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
74bd7c501477c1d9373372ecf4dcbf66acb3b40c810fb46edef437d9b98399bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29530312
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11672
expires
Thu, 07 Dec 2023 04:20:28 GMT
img
pix.as.criteo.net/img/ Frame 2754 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22422-pregnancy_maternity_pillow_support_u-shape_grey.jpg&v=3&w=800&s=two0S9PAiSatUzG0B2IcUfzm&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
611001c8dbef57b65ebd6f7c6ac7f112f20a217a0ab68def2268d4afc945b2a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31472396
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
40230
expires
Fri, 29 Dec 2023 15:48:32 GMT
all
csm.as.criteo.net/ Frame 2754 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=d5sQ_3qK3Sru1nCylTliGZF0ylHA85t0lgQ6eWMTc3wUV9bX0DHpWdPUDrGdzlBDJWby7ycvx11yZGtzNs5V5ejmNGCKsoxEcC0egJ-guctX5Nayc4XMWgQcCBTVlmKDAJJ1iLcuhmSFu5oapD1uTj_b7tYtc2XnHsQsVzGbR4pvsnhLythKWdTuvsAh8saE0KoBc9hYISOdLCufpyocU7npla09MIpKQPXcq3o0Yr1p0rcFiWlSAQd-MQNFDCVe_4lVoQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2754 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2754 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
truncated
/ Frame 8E74 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14963a4e83ce89d71389d35d252f9cc75400c281b783bc63bb6af8fbf88d6950

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 9595 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1047411241418837&bg=!R0SlRADNAAYgquz3AKo7ACkAdvg8WofkZKKCllq7zUl4RjSWlgk6YMPyP7e2-XhMwbAiDJrtFBOPiQIAAAB1UgAAAANoAQeZAvb0AW8cBUw1XUWu1vPysu3Y1r4-b9cEgkJT-LkiGIwujCrcGz7HMTtz0AFiPvLhaT3Yc9HbRgl5uGRCwYefVL0zBwkPe4aYXsc_U13WZCo2GFeh0rcDmyUgSBmOXBADoJQdtoGiQSxq2V8G5GguaNpQrI64rBEopRCb1zjvI2vNdXWUIXtj2n9Hy-TwcFoR6ZDd_gY_cGClhExSRVxNFlqinlbvzJzIMI9ArDXQ5VxxjJlPQ2YwmHL8RRaNzmV1dTXFVl3YI4cFGgBlJYiLnNJqzd_vOfY2aDfYKV-C25Cpvj-2VxKZ4oGZNA2BBfMfcYE-XkHs0QfDwWfJuvkVicdad3gtNZtvgxslQhPl4AJUzv35vvQtemdM_0gofP1h1x9GCrqMhwD8Jnq4NpEaSP5FfM-pduXHlWxK2Zo-6fM_8MYJk826L2BPSyLFvcZPSEBjChTCp3EZNaypqoIkPtKUTqkZFFigSc8MjqkeYM_zIrC_uDMtNcjMO4-2T_Bynmvlu_93rHwo2BsKRIVTmhzxR_dy0VuSX7-VpGEPYkvDM9SCjXrkioepMjYm2ANsxrsqBTcqMlyAc17hWGlRXQ_0AxHX_0J7tat51wlJ-QJvg1bBbviwvX_EdlTtCHjUTvqVLCzd0vBo4sBSZONfMij5x4p1lekODgItB0lurCGwnVfug8xu8DPgOBZxuSCjOMFj_h6A0wJtnyBPzv8tm0q28J173F3pTT4FI15PphGMU62FMNSJ1WgD4-tVGS3AxpyhOj3R2iDVLWcZvkFxYSAlLuruQB9VEQcvuJjlF7pDpLNMEaFgMlngEzphv3XMHxFdznrEtrvJfX1BSApdKk7xSUS2r6wDXZ49vGuSBSQOKbikaobZ8vjw7CDLG5l3PtdPajQWiRy2VPkejJnkUUL_8GDo6_MSESyJmZwpI6FArhlvKpAV61e_yHeCJacoEVG8RtsoNbqJwwOwMMdUw-5CHVh3xt-EpBvpd5NhyozI22zhoRlEcQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F787 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1659567851031227&bg=!29il2JzNAAYgquz3AKo7ACkAdvg8WowQyG3DhledU31ZAP40xmcEAhAb-SuZCuXSRzchj4_wGE6U0wIAAABfUgAAAAJoAQcKAAN7GhiZAtiiSm-7wraeVhWUmIqKP5Q2cmWDmzOXCKZ3mxMeksg55Uq3n0Bz6iw_BjF5JQEFfhhz6qEJZOKu8DuIUWEPEhv8DwrknDWiPoJ27_mxBvmcFhskLPW2KFmBmFyLZAAB1pXXjPXdBwMi4G64YXQZaSfNuOkm4ogJTM3KJXN84xF65ncmbZakkhwj8E5EcHeuGcFvdgFKWDFVa4ye3mUu72N-o4xmBD74xIQWsP5cqDIlvIUNXkxMetUiaWjXTpdCvLxC9jxH9Ak2BPTfcPprFUGmLUxng8Pb-Rb_HSGO-moH_TIovvd8L_-t8U52J-0u5tKfy3-BOhBqTZ3KplbmUfa1PY3Kc82TrS-aNCIexOHBKRoMuRy4ISQNhmMQqAQvC-PgtTPu6AnS4_RKKEdJOTuGIledqDJM7upLHmjipa7kdyOrFV2F5gMmjOtDyB-R6E78rSqPrRZvvZD3TlwP2PJJ9froMJTI4vDy6CwORfaaObA8mCrydCS3HGb6jKaAJc6YcdX6xtGj98yAd7MCLbJ1z63oVb4EQoBYMkx63Nn0CO6ptOWqtArRNht89ujWqs-Vj2KwWDP6TI0z4YnYbdI8JO5BuW8papTIXsudE2AtF0-O3BsfhjRi1NHopIZq4WO_9yB8G7EMgvXLT0Mh5lsjau1KnuyQSS_8orNG7CKMbmtZCGLkfRtSmTdOkEtVJpXkrX_fGgtIixi2u8rwgHBYDmVuZMF4TJ_FuIc863ve2PcsIWTdA7Hyr6SVbNHbX3djckfylQLA0HTMO4tgROQXlH8grWbMMk7dsxMH0qYowbR9mWNaXpwjc6oDP3sQuH0yIergQvF_L-4rs6W_8i2cbX4cNa-K4weyyun2tBVvye_4JI3HhTo0n1DeFGPUGUeknwCRsMWjrCM1e6rNK7LKMXxK_Jd-_XGaGaatoJuTc4YsBlupLi4pbq0cMzyQkKk73PXDlOknGw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 3AAC 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 09:28:35 GMT
dcm
s.amazon-adsystem.com/ Frame 5C8A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6X289V0EQ9YEDF44J72K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DJAW12YH6510T6C8DSXG
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FPIOKpkSnu1lbdTY7kV46JLMNXsH7F7kCjLD6Y1jBaC7PUc9I5BY8USXWvlvRd1YDbFM2geAMcFBZzUOuvIlnVYy6sTjb9NDHnZGwWvlnyli7gWPGGFv5ScGTCOy825tlOo40by2vZ87g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7819bf0968fe1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y66vPTF3RFEf8C0cBH4YgwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOromDeMlzFH87w9ZiCv9wY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOromDeMlzFH87w9ZiCv9wY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOromDeMlzFH87w9ZiCv9wY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&expiration=1674984516&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&expiration=1674984516&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&expiration=1674984516&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=319263ae-af44-4400-817a-36c11968c700
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=319263ae-af44-4400-817a-36c11968c700
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:36 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=319263ae-af44-4400-817a-36c11968c700
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:35 GMT
Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5C8A 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.36.219 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-36-219.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FTKvaueN1PbbGK5
0
0
rum
dsum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y66vRAAH5LY5dAAp
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y66vRAAH5LY5dAAp&_test=Y66vRAAH5LY5dAAp
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y66vRAAH5LY5dAAp&_test=Y66vRAAH5LY5dAAp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672392517.872364,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y66vRAAH5LY5dAAp&_test=Y66vRAAH5LY5dAAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5C8A 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Y66vPTF3RFEf8C0cBH4YgwAA%264735
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
415
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7819bf0b8a9f1c54-AKL
content-length
43
expires
Fri, 30 Dec 2022 13:28:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D372 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cwwd4P6-uY9TwBsiemsMPz4eOgA-94bqXbrunr-f1EL-7wbjBCRABILflhCFgq-yxheAYoAG1t86OAcgBAqgDAcgDyQSqBPEBT9D4zWto2-OrxxQuKf1T-sppAQ6x1c-sA7DOzqUv5kTGFIxSnnFPDyROjaOzn99XCc1TAe-0Aeoxt_OVLLz83bo_kF1vt1ooAHrJNYMXrtYb-_rwjSr4-abYk6T2PFcPUrtKwYglUfBNDX9Yu4dRn1c8cE5qFlhVVnxVsxvcDzyFfBhc1IaKAPbr5crJKfVVccUiZ3vH0s7PwtDiXX50VzSFSAB8h-Ol8ICdrta5fSNagjW--Hb4WBzEtvMRYY3Gg5g1fMFqTsL-LY09iwEk05TzZWKRP2py5GWsL-7yHLMhYwYcVkvKRpimEd-Jc0QVJ8AE2PD256QEkgUECAQYAZIFBAgFGASgBgKAB7PIsfECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCA8IgGEQARgAMgKKAjoCgEDyCA1iaWRkZXItNjkzNjU2gAoEyAsB2BMN0BUBmBYBgBcBshcICgYIABIAGAA&sigh=wYaTf3Xq7y0&uach_m=[UACH]&pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ&cid=CAQSKQDq26N9jjJUy3weEiyCo-MlFvkDa_okvdFjtNOM9hX7G15kMALP3Sy9GAEgCg&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Dec 2022 09:28:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1042434869035421028
tpc.googlesyndication.com/simgad/ Frame D372 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1042434869035421028?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmxJ9dRK5PhtXNMOWCDIinw4a34BQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
408706d02527a6dcdeaa97b34de8ef0e4e884f881d47d0799924c6b033b591f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 22:03:08 GMT
x-content-type-options
nosniff
age
41127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35737
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 21:17:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Dec 2023 22:03:08 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D372 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 16:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 16:05:05 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D372 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 18:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
53549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1280
x-xss-protection
0
server
cafe
etag
8058174711348553767
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 18:36:06 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D372 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
376b9a21cd2e1dfcd781cb7aa717914f69a65b113839cd116436e98939bf4ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 18:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
52459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10138
x-xss-protection
0
server
cafe
etag
11555303801430025220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 18:54:17 GMT
l
www.google.com/ads/measurement/ Frame D372 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLER2er9cOQd7IImmbJV8BzCwAVemSJxzIChLGo0S-LkfpzqglgGDOak0B54iol_2YUAKs7MQ0TNcVPQEKW9t7AiBkbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D372 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 09:28:36 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D372 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
9518056a696e02b2ddcb4188203bac553418591c6016fab7151f5e3fb3cb161b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 16:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
62475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18202
x-xss-protection
0
server
cafe
etag
365527031874225492
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 16:07:21 GMT
css
fonts.googleapis.com/ Frame 2754 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 09:15:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 09:28:36 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6B00 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
2545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 08:46:11 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
all
csm.as.criteo.net/ Frame 3AAC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=5_VCYnqK3Sru1nCyLIjKpPeGh645yO4wtD7ckfHG2bn0ZfddB47nbneks3mbHhUREmCdk0vKoU5GiYY8vSCZbdcNb4f1w2-xIc_d7OM-FwlOKKRMMYd3C_sj1YSQDBr2hmH6B0OzvcHfQIrMAB2gCJuk4V4vadrJfpTobNqSdprCs4yvG4-xIShSevNeg0JLRCjkkzqTT0z7wx59gbwlwIzSWp83CoyCGJUIlyaa0Wlo6Sy8YGz_VgU6_M03R75XEppolA&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPoKK13CAAlyC_Dr7Slt-HDTmw0v8A&u=%7CIRS4K9E1U76rvCWVNDMy2N4nMsl%2BvCmvpH0Y6KFoKyU%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uRrlyRmHlV8XR5MhAHLcmea4ms4T5fiQskQZetG7hKH6iyhV23GP21bwlowqJq-NpFqSaMax5BAnIlMTbtA4IpG3gUNc5EugLx_um3VUtqKVnGVSQGAOb6AswO6tI26M3jOhySROgREomHEg996FBwTQXibqzmWA6tv5YDfDIhnWoFXNz2qrZnkjPfHrpekDeyrYPrG27i-imnUTvbnTYU6dTjWK2ws9GwrWxU36KmH-34H670GVKYaDoxJ52OnNHc3ChaDXeAnsk-eI82kfwc4Uffwu9mw6W2XtQBu0JYAPKN136Bn4R7jTsareYv-Jk3HS7unZKgYVdwxUh91bkZk1eGWk7zn5trL5b_rQie0MZEJG9SM9PWlz-2_nv6l9kayN92KxoY_humBfVR8a5iY4gAKd_Hi2Xr-B8qMaTztaCynt0J80l_l-v-e1B76lNsWm_knvETY9siTy4fc4QBuUjJEFdbFc8tlm5lqLGyiIcx3fFHTBKFzjoTI_-jPtezZrdMOr1-rst84IvSvHXLiTkJXEHdOMEfm1CAwxMosrACOyriBLXFkeJu7B-FpQieMQr7X9aO6k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe3p2Qa-uY_qZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgStAk_QCHIhFQr8hEfCznsDAkfxG8Z48-4hE0BZo5-vVGDWmF17eUxN9Ryh1iUsxRnHCcWNS3o_JQu3qaGcsw30t9V4NvUOi2HAxBxJakHroHD9_grwlrqf42xEu7f529rr-EfEsgTF_2t5joaLC3Fa9VPpD23Uf17h6PkX1VFBeRz8d3N0dxqJsR74uBIMKgbTNHTR_VlcuK2ThYokJTepF5y47ZUar6a2GgCmeMNZPoh4SxVK_ODF1TbpdXR4XbxvT0JImn3U-qvewsC4aYUign1CSSiuWnoQo3lbYoMvbZ66nqG013DXL_fCevM16OpgO0-rY_lCfh5yhcAOoFFBsOEhzDZ7pBRUYvB5wMXntN3J6T_x2S5doDWHKLB9IzrodXQih9s9eZHRD0exDebgBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rCnOQlOMK5K4ftPcWRXF8WFXB6w%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
truncated
/ Frame D372 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a259d0634006b70fbad42415a0d78c2abd4cc9c1407801734b030fa53c228b9f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6B00
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:36 GMT
expires
Fri, 30 Dec 2022 09:28:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4311 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFBnQwDXKsM8mnnQcfTbpcrYjwo7TaFohiXoKBqLJyLujinE-HIk-d_Xhw3V3iTGP0IXVDsd1xfeuCSGkxL-BQ5iH6LmrOpgsUcL3xeTYiNfpbqX4P&sig=Cg0ArKJSzB0v7BTtmzp5EAE&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672392514428&rpt=1058&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 2754 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=d5sQ_3qK3Sru1nCylTliGZF0ylHA85t0lgQ6eWMTc3wUV9bX0DHpWdPUDrGdzlBDJWby7ycvx11yZGtzNs5V5ejmNGCKsoxEcC0egJ-guctX5Nayc4XMWgQcCBTVlmKDAJJ1iLcuhmSFu5oapD1uTj_b7tYtc2XnHsQsVzGbR4pvsnhLythKWdTuvsAh8saE0KoBc9hYISOdLCufpyocU7npla09MIpKQPXcq3o0Yr1p0rcFiWlSAQd-MQNFDCVe_4lVoQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vQQAMzPsKK13CAAlyC4GGVQWntxrDeQcO6w&u=%7CaPiRlM8L%2F8oEgE6tkp1rb8FXnewdGrqdQmR%2B8mE66AE%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TBlYtH6YWfUHa_HMIohQ5t5gHKQDbyROIOvW2aT967uapF8K1Y_DsDDIe-TKvf84rwpmR6OfFXKp_6pvR7VTycCBppfQoZYJyRy4W_Mbh59mbHy_RxspyP-HiAaXrw2siko3h8QQYF6b8GjCCSMVuzvyq3tV0wxH4YkwQx0e6m4C757ShmvdayJJXBFgkT5CryauFe2b_tlvF1uk0oF59Jz66lXAzQk-0j2zR4C9yLmd4sGhbt-TMaByyTJvxekWzKq39zceBF3R61Locjbdyg6FY6aGgfut-jfdeQnLol7z8IdgsF-NEcpgq1clsy5_ty3ykITKQAfTQ7a6EuvDyc_i639BCBbrdDpoC7z3ZKCFwzdzb1v4JT2NQA6Ho18_d4v-UJr9qrGThdi2O4BseblEEx94ixuJUEh71oAIhNSprJKlDmNAfko3tJsYdiY2rR9k6waGwAX-nPDve3rNQUU5YcBWJ7TriGyV7Ct8-ESwQxpkWN_WZivoWAqGokFmIGgMCfE2YzLnX7Rnea7gaY_aNFNDQILnK6UNs4IOu36eM0vjjahUYTpjQF-pfSOV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5C79Qa-uY_uZM8K7rQGL5KXABJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpApsTXh3ds6Y-4AIAqAMBqgSuAk_QWYE87Xb8QpibV3WJ0OB5g0ccSjYzWhyuLhVQp4mdFfqa28DWs7OA2SR56pIHnVQSAUWtojRiFzGjxO-uPPSz_sbhrudsz-v6R3loY6QWHAZlpOapRlj30cRUnF6lnk8OAOACGeKoiWU5rOOWTLRHKU88VXnTeZDg2U_HRzJp44tNJS4uP_VTynu95CWE3KIRZqFjWu2S8D2NmiLezZ9Tz9u2TkSByDVLPIpPSOvyqvQpLuvOiIfjr4OETEREmcVZ6sCjoQcpguX-4b03x3vjKTIzoFEsJWVx7eT1siKcXzwrL7WO55-uXBav2A7d3RlI-aFKsq2P2eYVmPBv4pMue-lvVDC9k9pNh0hsNxIyv9NVCa1JZqIk6A7890sJWDl4YN_5bxzZjKnsf_ee4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ovu-mgLBOClpkbA31a6Q2pJgjpQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0FAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3742373109198497&bg=!d3SldDDNAAYgquz3AKo7ACkAdvg8WhkcSXE0mLDAU28zQ23iTmG1YnYYXg6XleXf0qWT7FrT7XWEeQIAAABVUgAAAAJoAQeZArMw98CwyNc3SVgdwXzpqa3VfFd8NteV-v8tLN0Ar-fB0nm6veL9g2bHEkn_3S6VZ28xNo6w63AL2lWcPNZPV4_zmR85DvGnGopFEs0bHb2k7EmS1kEaUir_QZI5nBYxHyZOpTd3JUOK1wGsj4xLyYA1nce614xsnFriS_0Y15GWCwyZtz--EERPNNLs1MQxU2QPP1m_sk5YFIUxlex1C4HEH5JMNExixBw5QYl4BcYg9RnktkTQ1CVOp0ampMg4QFsF4PoBVOM2pBL-t4Y144NHTj9QT0fm9wu6lzk1rGUm5M8I3zRlhCuaeRfizy4tLi5M5gGpEnTBgfMrJXJP6Ds9cAIpMb8prBF_hMoD0PGZDkrWJzG6G2dP0B-6QkoqmrU8j8fjGhF3ImlYOCvYK7qfYNIAFxfePyTu4LYk91pkBt308_bYYau2WTK6HBBRc83uSeTds_Vm4rdIMgP4saBHDWeczWPO9dVdZWxGfFypScSsUVCapMZ4r6FsYMXaVUQZV2Mrj3tgk39Yu4fqBOLjIbg8ATWJMTWVBIzrUVREYIQ38GynBVcQzgCAJp_HOnmy9nYvNmq1JBsmY7ZCt-0PcbFc-v3qGU4N3tpYPoylKjWLBckLGCVTQUZaEfTZJrduw0ClUzjz28WPnDi5jJEQkVgYKlf_VzNei4gKWh1tSYdH6hSBoY1O6sD_28fk_RAKbnkhgsPVcWs9goceyj2bn4csw2xEWYoR7KBVGv196stenMc8wWnAVN6BgEyYaXaERr3VoIzt35MpL69Zm2iiGM9rbqj9XAVtinkLWfGKR4WPPJwoDskprFeXPlYawVgGO1NwDHCB5hxIxvtzMngkKUYGXjs0TifeeRmtbuWG9sYzgNXA8WFbTKl7tEyvRWDoifI8aq40IwAW99aDiM6QSa6a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Dec 2022 09:28:36 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
397233
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		333 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9bc4fb8670a897c9709587ea772bad70c4ef634e45e247be4582ce3c442e4eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
741602
expires
0
rid
match.adsrvr.org/track/ 		108 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
6ca82b761e577303f6149a1614f9a51d1cbd2b0dd78931fa4201c878c492dc4d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Dec 2022 09:28:36 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 29 Jan 2023 09:28:36 GMT
sync.html
public.servenobid.com/ Frame 1A6F 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-15.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
49830
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 29 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
x-amz-cf-id
ONMe6Le2MJ8pAKcu8tiPDd4uO1mJxFHTaVp3gG4398Dh4twJsehJfw==
x-amz-cf-pop
AMS1-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 0D9F 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2913a73ad1e6b89e0212ff60ec04cfda51e6a837a6cdd0c05ba531c3d8dfdaaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=65210
content-encoding
gzip
content-length
11800
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 09:28:37 GMT
expires
Sat, 31 Dec 2022 03:35:27 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 4DFA 		533 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
168bf9b21d696d9e6e03bb069093d46b95e38d78645d1ae9b492b54dabec0597

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Fri, 30 Dec 2022 09:28:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 5146 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1672392511042
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
a19340e80c40e3fbf64fd9547f94d8c354cf34d3d151fdda46caa6abca847fad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1338
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 7914 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 09:28:37 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 01A6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
700
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7819bf0d7c341c54-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 09:28:36 GMT
expires
Fri, 30 Dec 2022 13:28:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
23e42c8df94701ca3a16ce7b645759754a5a50dc4c571fd554dbc4c94126ebf3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:37 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 30 Dec 2022 09:28:37 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3ED8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.28.198 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-28-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 30 Dec 2022 09:28:37 GMT
ETag
"623de86a-cf34"
Expires
Sat, 31 Dec 2022 09:28:39 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 2754 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 15:59:56 GMT
x-content-type-options
nosniff
age
235721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 15:59:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CD73 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f50bace322ad73b823033c501d4cf1f7a977785dd04626fd7cee78cd1571069f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7819bf0e5d9b1c54-AKL
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 09:28:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4WyCOdvYi9RX5gS0g%2B22zNcumSDTEoQARxzb%2BAWv2xGy3QGQNrKAO4dbe9jYe3Tx72wKSTiDGtEbhnvF8Qxjo%2FlumfoLQvRNd%2BrCYFEh9eh1flpCjxpU%2FXk10UfMbePV9XO6wUOfTu0Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame 4DFA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4116065103529878963&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4116065103529878963&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4116065103529878963&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 4DFA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4ae4301f-d56a-7335-e839-882826677159&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=4ae4301f-d56a-7335-e839-882826677159&gdpr=0&gdpr_consent=
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=4ae4301f-d56a-7335-e839-882826677159&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=4ae4301f-d56a-7335-e839-882826677159&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 4DFA
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y66vPcCo8XwAAGleYTsAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y66vPcCo8XwAAGleYTsAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.196","key":"Y66vPcCo8XwAAGleYTsAAAAA","privacy_sensitive":false,"uid":"Y66vPcCo8XwAAGleYTsAAAAA","upstream_id":"a-ad40014"}
X-SO-Key
Y66vPcCo8XwAAGleYTsAAAAA
X-SO-Upstream-ID
a-ad40014
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40014.dc2p.scaleout.jp
X-SO-UID
Y66vPcCo8XwAAGleYTsAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
116.90.74.196
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y66vPcCo8XwAAGleYTsAAAAA
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 4DFA
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af0ZLHbrm4PHks8ADzLRiXkAF88AAAGFYlyo0Q
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af0ZLHbrm4PHks8ADzLRiXkAF88AAAGFYlyo0Q
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af0ZLHbrm4PHks8ADzLRiXkAF88AAAGFYlyo0Q
cache-control
no-cache
content-length
0
x-amz-cf-id
SXA5EBXte7EtOPGwY8pFIVqFSillcEnbIjZWRTnjNbR1DaQzRTHu0w==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4DFA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjY4YmUzZDUtMWMxZC0yZDkxLWZkZDktZDI5MWVjODViZjM5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4DFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAN5hgmVGLpViyirO_7Jssg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAN5hgmVGLpViyirO_7Jssg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAN5hgmVGLpViyirO_7Jssg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 32C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrsk2DEbllmHHPqG_XonuuRoyRn1VDOWAUbCOyZDA3RXHT2CF4xg9SSbH-T6ZfaY7tNtUkv7bYgTOSn1Llh_JJB3Ac&sig=Cg0ArKJSzCgpAtgVQtVaEAE&cid=CAASFeRoX-9BYxVznE_m9tn9NchECsCb5Q&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672392514449&rpt=1577&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5146
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:36 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5146 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5146
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
045d24ff-8669-4229-8632-44b22df4c094
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5146 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=qNn7Tmh80ZjWzpOf4JrEEwcpi_HpJWmAAGOjcRd-wNs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5146
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcp70X4VuzuUy9AKT5qj4qf7nuD3TWag
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcp70X4VuzuUy9AKT5qj4qf7nuD3TWag
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcp70X4VuzuUy9AKT5qj4qf7nuD3TWag
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 5146 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:37 GMT
content-length
0
/
onetag-sys.com/match/ Frame 5146
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMXeup0GEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5146
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
03XFEXBFP64QD7YDG8DH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 5146 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 5146 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5146
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 5146 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672392511042
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 7975 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.196&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&sub_client=bidder-693656&hl=en&aceid=MIUwYwAPaDQB5G40AflwNAG9fjQBXoA0ARmBNAFAgTQBhoE0ASmCNAFLgjQBdYI0AYyCNAGXgjQBzYI0AdmCNAHrgjQBAIM0AQeDNAEYgzQBIoM0ASODNAE5gzQBPIM0AUSDNAFQgzQBVYM0AXqDNAF-gzQBf4M0AZ-DNAGsgzQBvoM0AUtzQQFTc0EB6R1cAidCqgIoQqoCKUKqAl9bqgJ9YqoC_XiqAhiNqgKAm6oCgZuqAoKbqgKiqKoC7MGqArXKqgJH1KoClN2qAsjiqgKg5aoCh-yqAljzqgJu-KoCf_mqAiX7qgJB-6oCNvyqAnEGqwJ_BqsCqgerAlYSqwKGGKsCBhmrAmMcqwKsHKsCbR-rAnchqwIeI6sCDSarAj0mqwJUKKsCXCirArwpqwLTKqsC-yurAkEuqwLhLqsCbC-rAucvqwJ-MKsCizKrAoA0qwKcNKsC1DSrAhg1qwJPNqsCjDarApU6qwJ2O6sCrDurAg08qwIjPKsCtjyrAnE9qwKUPasCkD6rAvY-qwJSQKsCFkOrAkBDqwJtQ6sClEOrAvRDqwIGRKsCikSrAsNFqwISRqsCpUarAvFGqwI_R6sC0kerAm9LqwJ9TKsCnkyrAvhMqwIq7QUD9XQkBOOzxQX-rlsQQZf7EgOs-xKgufsS1Ln7EuXB-xL1xPsSFcj7ErbW-xLW4fsSmvL7Eof3-xIK_fsS2wL8ElgF_BL1B_wStwj8EiMJ_BKLCfwSlgr8EuwK_BJbn-oUnMscGPdWaxo&awbid_c=AKAmf-B3LeAcE9KD3Lb-9L3fuLoLC5td_xQRIN0MhrtnD0VqHhi9sLnyIvRo70aYrJpWimGOQX2YK_DhhAvBqV2LfZsA0NKBPmeMSSd2DRKU-z5_n58DbGv_hsydTqMq_QuL90AJ4nRrI-N9DfyysKERDc3QN5d1-mampBQygJFpApsbgDQ09vc&awbid_d=AKAmf-A7pBzPI4eSrCW_vF4CO-z42PGmdwJhArsoX9kDq0jn2XxnEekP-3zYbND0CKL4QDXLru6xa_wcrRzRSyYqNb47t1cHGjHbZOoakDXHxuNaMhuTDgaGOfXOZozMJ6NvExrCR5HYJIAIC7rtjE_wJR99nVAQKju37d0ukRZ4aYH9kQRJ1uop6yoWN7hFy3BICy5SPblIKfTj91XdjTVHhKDFok67W4cBy5LMr_9SaU7RGx1sKifDQAr_P6FMD88d791ZVMmt2auEjec10mT7Ecz6PGDmRbojXFaRUGQdBK8G5qrPBxbMZVxQlgAblm5MWDN5ajBGVCaV22DxTDHbASQIslzWa-Yer-H9W0fHorYPIj8jf6HsqA-I-H7m1q2gqyLM3cJqn80pj0BXoR6XgD2f2sJt83D6xcK3Ei_lC2hZQ7BOjwUEehFlY_kQTKsDjh03-MqpBDaPQE-r0M_DZcWM2xLlYJooaKIf-iKa6Co7zioAt2-GdvfavT50x59fgB74QoyN9S5Ni-oPcINZWzU6zsSgXSA-K7axoYUAkLfPpewEfDN3CRrIU-VYSKFA74Q9c_D9ezjA3-hM4A5orbEKj-Yttf0iZTUwZK3WYYY6fqPuN3uhujOkfXYjMmqVn9-i8_SF5RjvxwBdybiWpbrnuyHcuookEhSGWwf-EvUFkb1EkcWc9CcJKwRpKapU53TzVhYa&cid=CAQSGwDq26N91HvaGCUct2b-mr4cA3ow-0JB4ETQ7xgBIAo&exk=462919182&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&a_pr=13:Y66vPwAAAABeROIBlA3qol_i548i12_Lgg6TmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 19:36:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E74 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTuOjR1ri4vnmgzZhGj9oHruv0MA5ut8hz2NrTP0F6yUUKWKMnxeX4QfZlhMXC5Ayk68OxgVN86NlbE2b9ZaA99q2v&sig=Cg0ArKJSzOGb25NuyReVEAE&cid=CAASFeRoiLQoHmxJZ13IFoVEyY4AL3g8mg&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672392514456&rpt=1630&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1892013495938508&bg=!bm2lbSnNAAYgquz3AKo7ACkAdvg8Wmfrk7tUSHDj8BAjbBbDZ7dm2id-TU_tq5ll3WLDXCdd2WrnsAIAAABqUgAAAAJoAQeZArq8EPWaVRal4NEyxjQpvFG2h4HymNvyJ8pyArvAudUAGRb2qqQhyn3VagrW2WZzNYiOKhWciuv-eTnsJ_35tUHGbdteD7nGLshfLaCo1QklhoLd2w_BT6eircqFFhiBMMA9MywDARPymw-Y00kZUo27QQzW8lEtmCy_qZX-_8aUBsZNSuIjj4r00sPQZ_RkXWBfHZs0EUpQ54aH6d7TFaKbhimcuDma6Y3zz_iA_V0BaOmgGWSmdCzhC-XTzY9wnrL6K1q3bIDCZgy9NHUNGytwXZVpnXOrokegrQQAkA7EmbFa4jyPh9c-D_VJsgiQ4W2uKSLg-XM5WKoMEQOyu30LbZxROtskyYd5MB1zQM3NhIE8LPeOygVrjqxKzpSXRSmThbetvTCn7YHNaGodkI4Jmi3jclhxLFY8Sy-s64PSP9KBnslqnVVDqya6aI0HV6Md9MIW9xhHDN_tM3LtezNxIaeKmO-cM8qkKffPCKlCvs3hQnttB6AlKGYX7dlVLe0s1d68fYvFey6mWm7j6aVgQDoppH9tFvIMFtLeQp3FCPPsNGT9eY3NUf8t18Giyy_bnQnYrJm6CtPQWt5ger9VkMocZPtBrjhEZSOilDHnRMjOXui1pgPBfMPLWbFxEgFLpiDd8iDFnkeyjGbvdMzwOukWDQ-LmTVdEA3S2DhN8D3lIjQ7Olb57oXM7pbKQ1ON4heEU1BARLcBLqatCfyLagwwguFq9nyXCHK6D4nUVC9hQV8nIUb7KCepifBzM3WhNvW4oA6tsFFXDapYoaZAjtDbc__gyx_5inP4vqtsTQpjTtTe1Waz9MrPtKN8jdG6vNfnYJFR1GHtCpmJpdRBT8TWmFP07bzRF3WXTfZy4A76w0SFPI3vX5uwCrK-oT-6UzbGmH0m6uY6WyrlWUJQZikeyrPG2778aw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame CD73
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d4c094df-b832-42a3-8ce9-f7503ed7cadf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CD73
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.140.36.219 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-36-219.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame CD73
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame CD73
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFSoE7HXV8AACAQYU-Mkg&expiration=1673602118
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFSoE7HXV8AACAQYU-Mkg&expiration=1673602118
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFSoE7HXV8AACAQYU-Mkg&expiration=1673602118
Date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tp_out
d.adroll.com/cm/index/ Frame CD73 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.233.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-233-19.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum.casalemedia.com/ Frame CD73
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7886676477272632521
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7886676477272632521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MjWfVx3tSiwJaO4ClWKmtfqP%2FjaFUGVxE%2Bl25%2Fo4BdN2hWv4ls66lhzW0xxXDVX1QRKiFR4%2B46p7y7dxHrtVfIb%2BnqhObwwbg5MI81q%2FPI3b%2FL3lByGFUAAGrph45JlrZpMKiop"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7819bf143bdd1c5e-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
346d2861-3232-44b4-a199-dbaf1bb02f47
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CD73
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=W7JC-AznEPlAuBf-WrMOpF6yFqlAthL4X7NNr8nb
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=W7JC-AznEPlAuBf-WrMOpF6yFqlAthL4X7NNr8nb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=W7JC-AznEPlAuBf-WrMOpF6yFqlAthL4X7NNr8nb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CD73
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=A3CP00ZoH4BL8AHZ-HOZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2QJTINIDA...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=A3CP00ZoH4BL8AHZ-HOZ
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=A3CP00ZoH4BL8AHZ-HOZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=A3CP00ZoH4BL8AHZ-HOZ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame CD73 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y66vPTF3RFEf8C0cBH4YgwAA%264735
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
76261
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7819bf155ded1c4d-AKL
content-length
43
expires
Sat, 31 Dec 2022 09:28:37 GMT
sync
gum.criteo.com/ Frame 0D9F 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
672303
expires
60
usync.html
eus.rubiconproject.com/ Frame 8B75
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 09:28:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Dec 2022 09:28:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 21FC
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Drkt%26refUrl%3D%26vid%3D239251746631539411774436320...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=rkt&refUrl=&vid=23925174663153941177443632000V10&ovsid=2019090387663718195
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=rkt&refUrl=&vid=23925174663153941177443632000V10&ovsid=2019090387663718195
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 30 Dec 2022 09:28:40 GMT
expires
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 30 Dec 2022 09:28:40 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=rkt&refUrl=&vid=23925174663153941177443632000V10&ovsid=2019090387663718195
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9332 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-28-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41996
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
Fri, 30 Dec 2022 21:08:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dapx%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=apx&refUrl=&vid=23925174663153941177443632000V10&ovsid=7886676477272632521
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=apx&refUrl=&vid=23925174663153941177443632000V10&ovsid=7886676477272632521
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:37 GMT

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8c5064aa-6c15-4f67-8f55-234f41529d76
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=apx&refUrl=&vid=23925174663153941177443632000V10&ovsid=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3153941177443632...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=opx&refUrl=&vid=23925174663153941177443632000V10&ovsid=82c85980-7e6a-49d5-8b76-f6469488e385
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=opx&refUrl=&vid=23925174663153941177443632000V10&ovsid=82c85980-7e6a-49d5-8b76-f6469488e385
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:38 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:38 GMT

Redirect headers

date
Fri, 30 Dec 2022 09:28:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3153941177443632000V10&type=opx&refUrl=&vid=23925174663153941177443632000V10&ovsid=82c85980-7e6a-49d5-8b76-f6469488e385
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dmma%26refUrl%3D%26vid%3D239251746631539411774436...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=mma&refUrl=&vid=23925174663153941177443632000V10&ovsid=319263ae-af44-4400-817a-36c11968c700
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=mma&refUrl=&vid=23925174663153941177443632000V10&ovsid=319263ae-af44-4400-817a-36c11968c700
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:37 GMT

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=mma&refUrl=&vid=23925174663153941177443632000V10&ovsid=319263ae-af44-4400-817a-36c11968c700
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:36 GMT
usersync
usersync.gumgum.com/ Frame 0D9F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dr1%26refUrl%3D%26vid%3D23925174663153941177...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dr1%26refUrl%3D%26vid%3D23925174663153...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8724952385
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-06b2d434-da93-4867-903e-6567c80fe655-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX06b2d434da934867903e6567c80fe655004
content-type
text/html
cksync
cs.media.net/ Frame 0D9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE1Mzk0MTE3NzQ0MzYzMjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFsz2aA5Hy2F98Yr3d5CGSw&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFsz2aA5Hy2F98Yr3d5CGSw&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.50.20.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-20-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 30 Dec 2022 09:28:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFsz2aA5Hy2F98Yr3d5CGSw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23925174663153941177443...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=dxu&refUrl=&vid=23925174663153941177443632000V10&ovsid=FTKvaueN1PbbGK5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=dxu&refUrl=&vid=23925174663153941177443632000V10&ovsid=FTKvaueN1PbbGK5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:37 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0cfbcc7100bd67995@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=dxu&refUrl=&vid=23925174663153941177443632000V10&ovsid=FTKvaueN1PbbGK5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bac0fb1c-b88f-43a6-9270-f1c3fe4ba1e9
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bac0fb1c-b88f-43a6-9270-f1c3fe4ba1e9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bac0fb1c-b88f-43a6-9270-f1c3fe4ba1e9
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1359344
content-length
0
expires
Fri, 30 Dec 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D2d843f2c-c6f7-4311-a7de-e85a87b69e...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=319263ae-af44-4400-817a-36c11968c700&expires=30&ssp=medianet&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:39 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 30 Dec 2022 09:28:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dzem%26refUrl%3D%26vid%3D23925174663153941177443632...
  • https://stags.bluekai.com/site/23178?id=A3CP00ZoH4BL8AHZ-HOZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKBGNBVAMBQLJXUQNCCJQ4ECSC2FVEE6...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=A3CP00ZoH4BL8AHZ-HOZ&refUrl=&type=zem&vid=23925174663153941177443632000V10&vsid=3153941177443632000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=A3CP00ZoH4BL8AHZ-HOZ&refUrl=&type=zem&vid=23925174663153941177443632000V10&vsid=3153941177443632000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:39 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=A3CP00ZoH4BL8AHZ-HOZ&refUrl=&type=zem&vid=23925174663153941177443632000V10&vsid=3153941177443632000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 0D9F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3153941177443632000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3153941177443632000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=d4f65e1b-7a32-4d9a-b16a-f123d928901b&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=d4f65e1b-7a32-4d9a-b16a-f123d928901b&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:40 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=d4f65e1b-7a32-4d9a-b16a-f123d928901b&cs=1
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame 0D9F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7dcb16d6-9b28-4350-83ad-9d69d70817f1
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7dcb16d6-9b28-4350-83ad-9d69d70817f1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.50.20.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-20-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 30 Dec 2022 09:28:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7dcb16d6-9b28-4350-83ad-9d69d70817f1
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
usync.js
eus.rubiconproject.com/ Frame 7914 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0dedd68065a53fa6a335ef3692f1c0a13cdd96159b60bc9fc03dc99822dca07c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 08:43:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83701
Connection
keep-alive
Content-Length
10065
Expires
Sat, 31 Dec 2022 08:43:38 GMT
xuid
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2MTE0NTcyODg5NzAxNjI5MDg5Mw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFRedUCFrKVJiAaCaSylHfc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFRedUCFrKVJiAaCaSylHfc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFRedUCFrKVJiAaCaSylHfc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE56
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2MTE0NTcyODg5NzAxNjI5MDg5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2MTE0NTcyODg5NzAxNjI5MDg5Mw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2MTE0NTcyODg5NzAxNjI5MDg5Mw%3D%3D
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame DE56
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3161145728897016290893&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3161145728897016290893&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3161145728897016290893&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:37 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B516C28AB6354726845F618EC2E717A9 Ref B: SYD03EDGE1107 Ref C: 2022-12-30T09:28:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxCDn9SNyoqfN1OASoCw==

Redirect headers

date
Fri, 30 Dec 2022 09:28:37 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 821FFB45D6E04877862C820502EFF7F6 Ref B: SYD03EDGE1107 Ref C: 2022-12-30T09:28:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/setuid?partner=tripleliftdbredirect&tlUid=3161145728897016290893&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxCDn1Xoh/+tIN3Ouvfg==
xuid
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3161145728897016290893&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e43d13f1-0e7c-4f22-8ca6-a3a7983a039f&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Dec 2022 09:28:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3161145728897016290893?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NuUSktlE2oSfk0YgpKiVxEMlky8VQXJLnrUKw3hrdQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NuUSktlE2oSfk0YgpKiVxEMlky8VQXJLnrUKw3hrdQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NuUSktlE2oSfk0YgpKiVxEMlky8VQXJLnrUKw3hrdQ--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame DE56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3161145728897016290893
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame DE56 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3161145728897016290893&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
last-modified
Tue, 13 Dec 2022 19:05:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 95AFE844069846769C6455C1171F9C03 Ref B: SYD03EDGE1911 Ref C: 2022-12-30T09:28:38Z
etag
"66efadef25fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame DE56
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7886676477272632521&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7886676477272632521&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 30 Dec 2022 09:28:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c54fcb30-b1ba-47fc-a2fe-354bc8d39077
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7886676477272632521&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D372 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAwhYD4-IC0osNGpwNvlhhIIKlbz8OBNuR-og0-6FZ-1S1zpK1Rb-L9K-urMTC7e3Y3YGnzkQ-CHvIzEV1MPG3t3HLZcEZLeDtqKdWB5X-Hnamcqks7BHOhFI-heVBh-SYTqM&sai=AMfl-YR72gSjVpBWBEGAgART33CL19CB7F1vMdRsrPZ6MT9lZamkxFySL4auVmqsAHyybEIIlzUKkm9nc5Olp23Ypg1H-OwFlhpG9iSGqQ&sig=Cg0ArKJSzCig5bC0uqu9EAE&cid=CAQSKQDq26N9jjJUy3weEiyCo-MlFvkDa_okvdFjtNOM9hX7G15kMALP3Sy9GAEgCg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3853246281&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672392515444&rpt=1093&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame ABAB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.27.164 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-27-164.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cb24b002fd729a15ba07ff30219340568a49fa75df633c66763b6292db7e8289

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 30 Dec 2022 09:28:38 GMT
etag
W/"0533fdcd24fb43ccf1fbf770baf30f1db"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 7A29 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
b617bc9ceaab7237f5bd5ba65289364afa6748add50a21e94795178754595d92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1361
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 677E 		586 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ba781625da0631fa1bc4cfce1011441847c9ab9780578d025c40c9d05a70db13

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
586
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1D07 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4609998b5d9cf8aa5ece8e1de7e17d85aaccc5f36a385d35512f4fa01f2f0beb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7819bf14ea4e1c54-AKL
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jko2KNCCHxQ1X1AYBQOKiKtBNyzhwza419eZUDs3le%2BNxQ0aQLDkGUxGYFLCkHhXkZViP9vV7gpXOHsgWXDVUOVl%2FyEERTi13Hl7p1qcybnF3uFvZ5bMUdZ%2FrQvzqg0LeBxnX3fmH831Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E478
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 09:28:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Dec 2022 09:28:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9541 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-28-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41996
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
Fri, 30 Dec 2022 21:08:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame F383 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-40.sin2.r.cloudfront.net
Software
/
Resource Hash
4de0c0773c7c6afca4ef3fe89c78a65c055e4a01432ffccaa5df2190a902a715

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-amz-cf-id
7G3EyzK3NfF7eFkRF57MuIO7051VfHRmT9Tyb-QNnEZ8VW6iwms3Uw==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 1A6F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7886676477272632521
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7886676477272632521
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2ff26596-4d63-40de-b37b-98bb4d72e421
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1A6F
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1A6F
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=F5t4CLZHazrZKzetQMCLBzQQ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
usersync.gumgum.com/ Frame 1A6F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1672392518458
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6301328728
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-06b2d434-da93-4867-903e-6567c80fe655-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX06b2d434da934867903e6567c80fe655004
content-type
text/html
sync
ads.servenobid.com/ Frame 1A6F
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759395183683064
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759395183683064
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759395183683064
Date
Fri, 30 Dec 2022 09:28:40 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 1A6F 		0
0
pixel
ap.lijit.com/ Frame 1A6F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7841%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dab05a955-391b-459a-b96...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7841%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dab05a955-391b-459a-b965-dadd9b411dff%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 09:28:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7841%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dab05a955-391b-459a-b965-dadd9b411dff%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Fri, 30 Dec 2022 09:28:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1A6F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
date
Fri, 30 Dec 2022 09:28:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame 1A6F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zY...
0
0
sync
ads.servenobid.com/ Frame 1A6F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 3ED8 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
AN-X-Request-Uuid
173f8bcb-9270-4efe-b102-4d565d628dec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7914
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zaMh8gob6hmNbMrG3p6dIQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQCpJmlE2oK6fS7kdTx85IZOJya8yxUpYpJigQ--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQCpJmlE2oK6fS7kdTx85IZOJya8yxUpYpJigQ--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 30 Dec 2022 09:28:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQCpJmlE2oK6fS7kdTx85IZOJya8yxUpYpJigQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7914
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBQkJLV0ItWi1FTUFL
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBQkJLV0ItWi1FTUFL
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBQkJLV0ItWi1FTUFL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7914
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 7914
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTFlMWQ1NGQzMDYxYjVlMGVjNzJhNmNhZGMwZGNiZTU1ZDQ4OTJiYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTFlMWQ1NGQzMDYxYjVlMGVjNzJhNmNhZGMwZGNiZTU1ZDQ4OTJiYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTFlMWQ1NGQzMDYxYjVlMGVjNzJhNmNhZGMwZGNiZTU1ZDQ4OTJiYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7914 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TZ925X6JZRMFFVR74FGM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 7914
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCABBKWB-Z-EMAK
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCABBKWB-Z-EMAK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EB383666B77542F2AA10C5CF393E7D58 Ref B: SYD03EDGE1107 Ref C: 2022-12-30T09:28:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxCDoIU7ZFfLDwh5O4Eg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCABBKWB-Z-EMAK
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7914
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEENgS2T0PI2xt50O-vPkdm0&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEENgS2T0PI2xt50O-vPkdm0&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEENgS2T0PI2xt50O-vPkdm0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7914
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pcSCYo82Q1yrFuJnQVoDJQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pcSCYo82Q1yrFuJnQVoDJQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pcSCYo82Q1yrFuJnQVoDJQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G44S0HPWY8A78W3KWSHD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pcSCYo82Q1yrFuJnQVoDJQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=31CB8A23053C483D935929F708821FAF
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=31CB8A23053C483D935929F708821FAF
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=31CB8A23053C483D935929F708821FAF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 29 Dec 2022 09:28:38 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688117318&external_user_id=38891fe1-b719-4719-b0a1-3a8095632825
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688117318&external_user_id=38891fe1-b719-4719-b0a1-3a8095632825
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688117318&external_user_id=38891fe1-b719-4719-b0a1-3a8095632825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=66a60719-4a3e-4ba2-aabc-5ceac54ee5e7&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=66a60719-4a3e-4ba2-aabc-5ceac54ee5e7&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=66a60719-4a3e-4ba2-aabc-5ceac54ee5e7&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 30 Dec 2022 09:28:39 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Fri, 30 Dec 2022 09:28:39 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
713a0a11-c6c8-459e-9cde-92d35034c9d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4044007509491951027
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKZ3U7HXV8AACBhxMcsag&expiration=1673602118
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKZ3U7HXV8AACBhxMcsag&expiration=1673602118
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKZ3U7HXV8AACBhxMcsag&expiration=1673602118
Date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 1D07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSlohtmRw2sRW4R31kibSDsapMfbav%2Fni7204BPDc5BPPDiVF7wcQkgCkVfRHRL0MjZ7f8Gj3OKhKlFrv0oDobt2qGyJr0KplxJ2rWAtjYwEEpMzgAcDdxx5Sj%2FoqsCSP6O%2BVlpcH8oy7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7819bf19bedd1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE00-nAGIWlxXco57g6Gx24&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1D07 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7A29
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcq4eooBEI7KgbIqNDYMfGyT6b_gGbWQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcq4eooBEI7KgbIqNDYMfGyT6b_gGbWQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcq4eooBEI7KgbIqNDYMfGyT6b_gGbWQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 7A29 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:37 GMT
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LCABBKWB-Z-EMAK&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LCABBKWB-Z-EMAK&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LCABBKWB-Z-EMAK&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7886676477272632521
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7886676477272632521
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
60e1645b-39de-4833-80e2-3919424a2773
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7A29 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1363465109712402442
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1363465109712402442
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1363465109712402442
date
Fri, 30 Dec 2022 09:28:38 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7A29
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7FBCDFXXBRE2CZG55EHF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzk2RkMxOUItNEZDMi00NzMyLUFFMTctREUzQjQ3NTE3NDhF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
date
Fri, 30 Dec 2022 09:28:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 7A29
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
sync.ad-stir.com/ Frame 7A29
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-DDuSW69E2pmaaNIIk_UgB3Kh9baUwG9DG7eHww--~A&expires=5
  • https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25
43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
35.74.106.211 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:40 GMT
cache-control
max-age=300
content-length
43
content-type
image/gif

Redirect headers

Location
//sync.ad-stir.com/?symbol=BIDSWITCH&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 7A29 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9332 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1641465&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8d638f4a7b704254ef2b7a8abe5a04eb2ca104e6b0fe61e643cc97a351cfe6e3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 09:28:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 8B75 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0dedd68065a53fa6a335ef3692f1c0a13cdd96159b60bc9fc03dc99822dca07c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 08:43:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83700
Connection
keep-alive
Content-Length
10065
Expires
Sat, 31 Dec 2022 08:43:38 GMT
usync.js
eus.rubiconproject.com/ Frame E478 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0dedd68065a53fa6a335ef3692f1c0a13cdd96159b60bc9fc03dc99822dca07c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 08:43:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83700
Connection
keep-alive
Content-Length
10065
Expires
Sat, 31 Dec 2022 08:43:38 GMT
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7886676477272632521
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7886676477272632521
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 30 Dec 2022 09:28:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f9f83e34-9a0e-41e8-a884-a455b8697c75
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d843f2c-c6f7-4311-a7de-e85a87b69e25&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524630856467605591&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=55fe6a3e-3974-4bc6-9844-040055253860&ssp=gumgum2&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524630856467605591&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209030804381002976900&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524630856467605591&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=2d843f2c-c6f7-4311-a7de-e85a87b69e25
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-81cb2fa0-9f57-443d-740b-c8e75ca44f3d$ip$116.90.74.196
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-81cb2fa0-9f57-443d-740b-c8e75ca44f3d$ip$116.90.74.196
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-81cb2fa0-9f57-443d-740b-c8e75ca44f3d$ip$116.90.74.196
Date
Fri, 30 Dec 2022 09:28:38 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=A3CP00ZoH4BL8AHZ-HOZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QJTINIDAMC2N5EDIQSMHBAUQWRNJBHVU...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=A3CP00ZoH4BL8AHZ-HOZ&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=A3CP00ZoH4BL8AHZ-HOZ&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=A3CP00ZoH4BL8AHZ-HOZ&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7700803618
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-06b2d434-da93-4867-903e-6567c80fe655-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-06b2d434-da93-4867-903e-6567c80fe655-004
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX06b2d434da934867903e6567c80fe655004
content-type
text/html
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Zy4mgODCQ0qo&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Zy4mgODCQ0qo&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=Zy4mgODCQ0qo&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
cookie-sync
sync.outbrain.com/ Frame ABAB
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&obuid=ENC(yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=yaTg3GGZIqmbe6Fpdfq9-ZE_yhiKWz1tq57svhEq5FOSz3k0NlQo1FDg7GxabiDq
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=outbrain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7720908349641310251&ssp=outbrain
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
0
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=bdd9946f-fd7f-4b63-8f42-98c5ee37701f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=bdd9946f-fd7f-4b63-8f42-98c5ee37701f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 30 Dec 2022 09:28:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=bdd9946f-fd7f-4b63-8f42-98c5ee37701f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ecKrbHtE2pfhl9ntyRhA.GA.M.p2LFf.cDg9~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-ecKrbHtE2pfhl9ntyRhA.GA.M.p2LFf.cDg9~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 30 Dec 2022 09:28:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-ecKrbHtE2pfhl9ntyRhA.GA.M.p2LFf.cDg9~A
content-length
0
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b944d645-b836-4ea7-8708-858753f499c7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b944d645-b836-4ea7-8708-858753f499c7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b944d645-b836-4ea7-8708-858753f499c7
Date
Fri, 30 Dec 2022 09:28:41 GMT
Connection
keep-alive
X-CI-RTID
5d982869-56a0-4852-9053-ea3cfe048077
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame ABAB 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:40 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
326420811
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame ABAB 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:40 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=ea89f0d2-e720-4ba7-9469-f83b7b497c05
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=ea89f0d2-e720-4ba7-9469-f83b7b497c05
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=ea89f0d2-e720-4ba7-9469-f83b7b497c05
access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:41 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame ABAB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1363465109712402442
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1363465109712402442
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1363465109712402442
date
Fri, 30 Dec 2022 09:28:39 GMT
content-length
0
sync
ads.servenobid.com/ Frame ABAB 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame BCDB
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-ab4fV40Q1g3ttONU4hzX-nYFrX-IP9fECsE00tFYzw
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ab4fV40Q1g3ttONU4hzX-nYFrX-IP9fECsE00tFYzw
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ab4fV40Q1g3ttONU4hzX-nYFrX-IP9fECsE00tFYzw
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 912D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-28-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41996
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
Fri, 30 Dec 2022 21:08:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 03E9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=7dcb16d6-9b28-4350-83ad-9d69d70817f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=7dcb16d6-9b28-4350-83ad-9d69d70817f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 30 Dec 2022 09:28:38 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=7dcb16d6-9b28-4350-83ad-9d69d70817f1
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9BA2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:38 GMT
Expires
Fri, 30 Dec 2022 09:28:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master hkg-pixel-x20 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame DCB7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 30 Dec 2022 09:28:38 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fty21347-FTY
x-timer
S1672392519.943299,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 133D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NTY4MzIzNS01NGM0LTRhNDAtYmE5YS03ZDE1NThiM2JiMjE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 7606 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.56.33 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 30 Dec 2022 09:28:39 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 0F3B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y66vPcCo8XwAAGleYTsAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y66vPcCo8XwAAGleYTsAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Dec 2022 09:28:38 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y66vPcCo8XwAAGleYTsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40014.dc2p.scaleout.jp
X-SO-IP
116.90.74.196
X-SO-Key
Y66vPcCo8XwAAGleYTsAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.196","key":"Y66vPcCo8XwAAGleYTsAAAAA","privacy_sensitive":false,"uid":"Y66vPcCo8XwAAGleYTsAAAAA","upstream_id":"a-ad40014"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-UID
Y66vPcCo8XwAAGleYTsAAAAA
X-SO-Upstream-ID
a-ad40014
usersync
usersync.gumgum.com/ Frame 8DD3
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=a_85683235-54c4-4a40-ba9a-7d1558b3bb21&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=a0603876-8a04-448b-961a-0664a96212b4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=a0603876-8a04-448b-961a-0664a96212b4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 30 Dec 2022 09:28:39 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=a0603876-8a04-448b-961a-0664a96212b4
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame 8F0D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y66vPTF3RFEf8C0cBH4YgwAA%264735
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y66vPTF3RFEf8C0cBH4YgwAA%264735
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7819bf1acfbb1c54-AKL
content-length
0
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y66vPTF3RFEf8C0cBH4YgwAA%264735
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJOK36s%2Fm%2BPvIqoL%2FsGn5ZZulixOSUyxz9WEhu02VXlR0VyZYdidgaOpuxS%2BEgnPH1gLDqbeqlrRC6vEmVebRapblLIh8n6q2sy69GW4bmtibVy5Ek91k7kpEXqGPdq%2FWN3g28CizBqC8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6078
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=lNeQIFFvQ2SLFOL1zIbV&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=lNeQIFFvQ2SLFOL1zIbV&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 30 Dec 2022 09:28:40 GMT Fri, 30 Dec 2022 09:28:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=lNeQIFFvQ2SLFOL1zIbV&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame EB0E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 09:28:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Dec 2022 09:28:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 677E 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6691594450986858750&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
264.gif
id5-sync.com/k/ Frame 677E
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-0273GgMaPHM0vv5-sX-A4WF4kSoAlnO-QwaDay_xpQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=1363465109712402442&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttl=%%TTL%%
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 677E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672392519.987200,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
redir
rtb-csync.smartadserver.com/ Frame 677E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFSoE7HXV8AACAQYU-Mkg&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFSoE7HXV8AACAQYU-Mkg&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFSoE7HXV8AACAQYU-Mkg&gdpr=0
Date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 677E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Fgj7UEFdqVENAq5WFwm3DBMIrwENDKtQEgnomJGv
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Fgj7UEFdqVENAq5WFwm3DBMIrwENDKtQEgnomJGv
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Fgj7UEFdqVENAq5WFwm3DBMIrwENDKtQEgnomJGv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cksync.php
contextual.media.net/ Frame 8B75
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LCABBKWB-Z-EMAK
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCABBKWB-Z-EMAK
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCABBKWB-Z-EMAK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 09:28:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 30 Dec 2022 09:28:39 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCABBKWB-Z-EMAK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
async_usersync
ib.adnxs.com/ Frame 3ED8 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
AN-X-Request-Uuid
9a8eacc0-58fb-4340-9b18-8b03ac58a7fc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame E478
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LCABBKWB-Z-EMAK
  • https://ads.servenobid.com/sync?pid=323&uid=LCABBKWB-Z-EMAK
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LCABBKWB-Z-EMAK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.154.5.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-5-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LCABBKWB-Z-EMAK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
all
csm.as.criteo.net/ Frame 648F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=6LSk3XqK3Sru1nCyeGDN93bPKLinDWR5dBNy9l_knFqM7VZKD2azjIPuO0qrvBBwuoLkm0MiP-4dm6kj1KE2pnJGr5kTgZsoGaflLfVmIYi0CpzaFRA51L9jBj5qDuWDTVVc03OHaz-rlzNraxH6TYbybm-LsZ-fEwTbbJZ2yiK__gxlSSwryq9y5TawPXxywkcjSjb3yhPoeYnd2vUkDtp7hN79zgMAvdzTMTeec6cSvrjC4QkOvgD-kqOIYQ8w03FSEA&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y66vPAALHgEKaPgSAA1FZ_Vx-hpXKbvHX_ECfQ&u=%7C8WQHdG373CRCupME3mqWT2kLZO%2FdlinLZZ1apLt7fxI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bn3LmZ3mpCuZwfG7jZFvkvuqhihlTre7twPrR2HsyEw93_N9mcONmJI8bOM8hTw6mp69j7CmqlBdsSB22v0yAKLz0rzXNvbnJcHX8v2FEZ5V0XSJO57MI_BAnwoSj1LQYqKlLUkNqvKxi-yry4gQZOmfz3j02mgNoctEewtK3UMEn9CX2ujt3MykYCvzha6JfZ4WkhcuXSmFOWZa7zghX2dx42a4t7isSoWVfkHYhn43Pua6TKErp-W1r7ClHi6oUyXohiDX1CGOb216pj5bV2HvHufrwKNVlKzjk24hFDPz431wuURmoIEDcWDJamcJIK8QaZ_1zfHw22QDC-Mpy1H_AAeKxToKRnmt7QNVTAj51IhixFa5oHSdhV6uTXyPqBsua4Xw-djzqNCGCyl4Km-vDLcpxz5AZDvP1mpNYkBho65i-RJKrcLm04PGRC_YjJjOXiHabMgT37ueAzsYQGxGCu4Bp1wom8rktu7ElcIfSjuyE4-0jNQh5UbclHGGf3JXFxEErMnNKy0qughbqy3jVRzEK9_Bu3SmYq3Hk3Byp08jrjfp65bmQr4YjcCp8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0eTPK-uY4G8LJLwowPnirXgA5j80bFcip-05YUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAnYwMQ-AvqY-qAMBqgSMAk_Q0Shx-KYrFnyshZV2oNbM3n3O2Qw1CTVdcwfOZTXpIgAIaLighvsX6wyJz0ifi3etdsZrPaeeRoWrig4fRXOEbNsOBmGH3RudbAiSHEJ96YeoHjPDgX452QQyaQI81enro5P9angwr5jsQXeTrqmBv-I3GdlF8v2hjjTItDRFhLH1eQ8DXBkptxBxFfoUfVBJnaK36DT5Md56ee7mVo7czr6yire4kud6t_TLdAjBB1JEEUI_Cbu05CpRdGSTsyzimoIRtCIHzolmalk-GYuV_WUSSQ1fr2nTVWJ_CsmpXlzIi8y2W11rse0ucLsL_eMBSmWXmy5hfCGJUZlvTi5tnvUP9hGxDBf6UFqABuCB5-7K7_jTrAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2W3RoMmZMApu6Rpb1PEqNc8G0faA%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 09:28:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=efeb723d-ce41-4028-876a-068deba28960
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=efeb723d-ce41-4028-876a-068deba28960
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21503&id=efeb723d-ce41-4028-876a-068deba28960
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=myFgbsQ2zowa&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=myFgbsQ2zowa&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=myFgbsQ2zowa&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7675cfbcb7-98hm7
expires
-1
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=7886676477272632521
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=7886676477272632521
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9fc1e16e-f721-48d4-a3dd-d4b484b3ec11
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame F383
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zY...
0
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=2a1d3d35-d9c5-4de5-aa00-77f5e1a3d0a3&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=2a1d3d35-d9c5-4de5-aa00-77f5e1a3d0a3&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=2a1d3d35-d9c5-4de5-aa00-77f5e1a3d0a3&gdpr=0
date
Fri, 30 Dec 2022 09:28:39 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gb77fc058829a78350f5&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gb77fc058829a78350f5&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gb77fc058829a78350f5&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=6c5b13b5-d5ac-4eb2-999d-d636ba0bd86e
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=6c5b13b5-d5ac-4eb2-999d-d636ba0bd86e
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=6c5b13b5-d5ac-4eb2-999d-d636ba0bd86e
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=F5t4CLZHazrZKzetQMCLBzQQ
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=F5t4CLZHazrZKzetQMCLBzQQ
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=F5t4CLZHazrZKzetQMCLBzQQ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212067299787330
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212067299787330
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212067299787330
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y66vPTF3RFEf8C0cBH4YgwAA%264735
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y66vPTF3RFEf8C0cBH4YgwAA%264735
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap86GB6wnzWq4a4ekoVfC9%2FIA0FxtcysBttke37uMY5t4V%2F%2FrDH59x%2BhLZ6IYnomtsYAJX13o5G1rXjYPbJ7d%2FnaoDLqim%2FGfm92zXt02TsE%2FoCDweE3kvLbdF3MWivTmO47T6IcrmzDUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y66vPTF3RFEf8C0cBH4YgwAA%264735
cache-control
no-cache
cf-ray
7819bf2498b11c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A&gdpr=0&gdpr_consent=
date
Fri, 30 Dec 2022 09:28:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame F383 		0
0
cookie
cm.adform.net/ Frame F383
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F24719%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dab05a955-391b-459a-b965-dadd9b411...
0
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=53d04e48-35bc-546c-bdfd-b5a5de531aed
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=53d04e48-35bc-546c-bdfd-b5a5de531aed
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=53d04e48-35bc-546c-bdfd-b5a5de531aed
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
x.bidswitch.net/ Frame F383
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminu...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=fb475f908c424b1395636f13194f4283&ssp=minutemedia&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&consent=&gdpr_pd=&expires=7
0
0
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3161145728897016290893
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3161145728897016290893
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3161145728897016290893
date
Fri, 30 Dec 2022 09:28:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame F383
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1363465109712402442&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1363465109712402442&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Fri, 30 Dec 2022 09:28:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1363465109712402442&gdpr=0&gdpr_consent=
date
Fri, 30 Dec 2022 09:28:40 GMT
content-length
0
minute_media
cs.admanmedia.com/sync/ Frame F383 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame F383 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame F383 		0
0
server_match
ad.360yield.com/ Frame F383 		0
0
cm
u.openx.net/w/1.0/ Frame F383 		0
0
us
sync.go.sonobi.com/ Frame F383 		0
0
sync
ads.servenobid.com/ Frame F383 		0
0
/
onetag-sys.com/usync/ Frame 0D58 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e40f3a8fda8c3ab97126b67119cadf99e6d13e1475a751cae14aad0afc103578
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1372
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 6D28
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 09:28:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 30 Dec 2022 09:28:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/match/ Frame 5428
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:319263ae-af44-4400-817a-36c11968c700&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame F9FD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y66vRAAH5LY5dAAp&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 97AF
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=ydptrwpgj4u
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 7FC8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7886676477272632521&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 23AC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDJGdH9nFHUzOBNyKTMKKC0yEiUzNhZ0LDO4HUeK
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 53C1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 5002
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gcsvoJ9XRD10C8jnXKRPPXRaSsQ
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 2742 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:40 GMT
Pragma
no-cache
Server
nginx
expires
-1
pubmatic
gocm.c.appier.net/ Frame 2689 		0
0
cm
ipac.ctnsnet.com/int/ Frame DC24 		43 B
62 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 30 Dec 2022 09:28:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
/
onetag-sys.com/match/ Frame 982F
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=82c4cccaf3c64d5281191756283b3b7b
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pxd
dps.jp.cinarra.com/ Frame F275 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.187.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Fri, 30 Dec 2022 09:28:40 GMT
/
onetag-sys.com/match/ Frame 8529
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FTKvaueN1PbbGK5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame B257 		0
0
RX-06b2d434-da93-4867-903e-6567c80fe655-004
sync.targeting.unrulymedia.com/csync/ Frame 4D99
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5602659928
  • https://sync.1rx.io/usersync/tradedesk/7dcb16d6-9b28-4350-83ad-9d69d70817f1
  • https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 , Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
43
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 30 Dec 2022 09:28:40 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-06b2d434-da93-4867-903e-6567c80fe655-004
pragma
no-cache
bridge
cm.adgrx.com/ Frame 68BB 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.118.249 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Fri, 30 Dec 2022 09:28:40 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
i.match
a.tribalfusion.com/ Frame 843E 		43 B
664 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7819bf1e7fac1c59-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 09:28:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame A766 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 30 Dec 2022 09:28:40 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-16d2479409ff@version_1.531
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame DEB8
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 30 Dec 2022 09:28:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cksync.php
contextual.media.net/ Frame D670 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3153941177443632000V10&type=pba&refUrl=&vid=23925174663153941177443632000V10&ovsid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 30 Dec 2022 09:28:39 GMT
expires
Fri, 30 Dec 2022 09:28:39 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9332
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uvr6lCmHQmq92geOENFiPg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-28-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41995
accept-ranges
bytes
content-length
5554
expires
Fri, 30 Dec 2022 21:08:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9332
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BAFAFA94-2987-426A-BDDA-078E10D1623E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=55fe6a3e-3974-4bc6-9844-040055253860%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=55fe6a3e-3974-4bc6-9844-040055253860%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=55fe6a3e-3974-4bc6-9844-040055253860%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttd_puid=55fe6a3e-3974-4bc6-9844-040055253860%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
qmap
sync.crwdcntrl.net/ Frame 9332
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
3.0.14.222 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.23.140
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.20.69
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 9332
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BAFAFA94-2987-426A-BDDA-078E10D1623E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BAFAFA94-2987-426A-BDDA-078E10D1623E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BAFAFA94-2987-426A-BDDA-078E10D1623E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:48 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:48 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=BAFAFA94-2987-426A-BDDA-078E10D1623E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
onetag-sys.com/match/ Frame 9332
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkFGQUZBOTQtMjk4Ny00MjZBLUJEREEtMDc4RTEwRDE2MjNF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 9332
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEaLVoynjs7ojHhsZWScCIY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 9332
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:31CB8A23053C483D935929F708821FAF
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
BAFAFA94-2987-426A-BDDA-078E10D1623E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9332 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BAFAFA94-2987-426A-BDDA-078E10D1623E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.36.219 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-36-219.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
onetag-sys.com/match/ Frame 9332
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E
date
Fri, 30 Dec 2022 09:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9332
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BAFAFA94-2987-426A-BDDA-078E10D1623E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T2n4PpJE2uVa8pVcLRjXyFp.e7wjvG8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T2n4PpJE2uVa8pVcLRjXyFp.e7wjvG8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T2n4PpJE2uVa8pVcLRjXyFp.e7wjvG8-~A&gdpr=0&gdpr_consent=
date
Fri, 30 Dec 2022 09:28:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 9332
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2d843f2c-c6f7-4311-a7de-e85a87b69e25
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2d843f2c-c6f7-4311-a7de-e85a87b69e25
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f23ba59c-2964-4b6a-912d-a9584ec3c03d&user_group=1&ssp=pubmatic&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9332
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7720908349641310251
42 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7720908349641310251
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7720908349641310251
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9332
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4044007509491951027&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4044007509491951027&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 09:28:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4044007509491951027&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 30 Dec 2022 09:28:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9332 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9332
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7886676477272632521
0
0
usync.js
eus.rubiconproject.com/ Frame EB0E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0dedd68065a53fa6a335ef3692f1c0a13cdd96159b60bc9fc03dc99822dca07c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 08:43:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83699
Connection
keep-alive
Content-Length
10065
Expires
Sat, 31 Dec 2022 08:43:38 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0D58 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0D58
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcr6tG7p4mJBJo_rGTPzLTMd871P9Knw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcr6tG7p4mJBJo_rGTPzLTMd871P9Knw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhWJcr6tG7p4mJBJo_rGTPzLTMd871P9Knw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 0D58 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
x.bidswitch.net/ Frame 0D58 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 0D58
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=319263ae-af44-4400-817a-36c11968c700&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 30 Dec 2022 09:28:38 GMT
/
onetag-sys.com/match/ Frame 0D58
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
31667796-c229-493d-b91d-7ef53889646c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7886676477272632521
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0D58 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 0D58 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0D58
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M03AWD4J6MQKEHB6B9XR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 0D58 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 0D58 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0D58
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
cs
cs.minutemedia-prebid.com/ Frame 0D58 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Fri, 30 Dec 2022 09:28:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
usync.js
eus.rubiconproject.com/ Frame 6D28 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0dedd68065a53fa6a335ef3692f1c0a13cdd96159b60bc9fc03dc99822dca07c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 09:28:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 08:43:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83699
Connection
keep-alive
Content-Length
10065
Expires
Sat, 31 Dec 2022 08:43:38 GMT
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LCABBKWB-Z-EMAK
  • https://usersync.gumgum.com/usersync?b=mag&i=LCABBKWB-Z-EMAK
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LCABBKWB-Z-EMAK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 30 Dec 2022 09:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LCABBKWB-Z-EMAK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=272360328&cid=530218868.1672392506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672392514&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&dt=2023%E5%B9%B4%EF%BC%8C%E5%93%AA%E4%BA%9B%E8%B3%BD%E4%BA%8B%E5%80%BC%E5%BE%97%E6%88%91%E5%80%91%E6%9C%9F%E5%BE%85%EF%BC%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 09:28:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 6D28
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LCABBKWB-Z-EMAK
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCABBKWB-Z-EMAK
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCABBKWB-Z-EMAK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
35.174.148.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://eus.rubiconproject.com/
date
Fri, 30 Dec 2022 09:28:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCABBKWB-Z-EMAK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 9332 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3153941177443632000V10%26type%3Dpba%26refUrl%3D%26vid%3D23925174663153941177443632000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:28:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 9541 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FTKvaueN1PbbGK5
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUyAhoMOAE=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Domain
id5-sync.com
URL
https://id5-sync.com/k/264.gif?puid=7dcb16d6-9b28-4350-83ad-9d69d70817f1&ttl=%%TTL%%
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUyAhoMOAE=
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F24719%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dab05a955-391b-459a-b965-dadd9b411dff%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=354&user_id=fb475f908c424b1395636f13194f4283&ssp=minutemedia&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25&gdpr=0&consent=&gdpr_pd=&expires=7
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=pTqpm7Wtk_mm
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f23ba59c-2964-4b6a-912d-a9584ec3c03d&user_group=1&ssp=pubmatic&bsw_param=2d843f2c-c6f7-4311-a7de-e85a87b69e25
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BAFAFA94-2987-426A-BDDA-078E10D1623E&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7886676477272632521
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90340221&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| AMP object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString object| adRecover function| setImmediate function| clearImmediate function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter boolean| ampInaboxInitialized object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags number| ampAdPageCorrelator object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents boolean| noPreviewPage object| dataLayer function| gtag function| quantserve function| __qc object| ezt object| _qoptions object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_tag_manager function| onYouTubeIframeAPIReady

150 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQlM7yktYwCgoIgQIQlM7yktYwCgoI4gEQlM7yktYwCgoI5gEQlM7yktYwCgoIhwIQlM7yktYwCgkICRCUzvKS1jAKCQg6EJTO8pLWMAoKCIwCEJTO8pLWMAoJCF8QlM7yktYwCgkIHxCUzvKS1jA=
.aralego.com/ Name: sspid
Value: 70e82f2e-4c30-3e86-8bdd-5a51bf474921
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.bg3.co/ Name: __gpi
Value: UID=00000b9a8586a5c4:T=1672392507:RT=1672392507:S=ALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A
www.bg3.co/ Name: __AP_SESSION__
Value: d2faaa6a-b6c0-4f19-9a21-6b082daca40c
.doubleclick.net/ Name: IDE
Value: AHWqTUnwpyBrHPTX1xoUbJ1rmFEdofD7Kt-Oi8aBjiqq5ejk30dMt-XqOvjfHOJe_ys
.casalemedia.com/ Name: CMID
Value: Y66vPTF3RFEf8C0cBH4YgwAA
.casalemedia.com/ Name: CMPS
Value: 4735
.casalemedia.com/ Name: CMPRO
Value: 4735
.quantserve.com/ Name: mc
Value: 63aeaf3d-94c72-93354-71e22
.yahoo.com/ Name: A3
Value: d=AQABBD2vrmMCENrzQsIbm0jKsfEnUNfIbiIFEgEBAQEAsGO4YwAAAAAA_eMAAA&S=AQAAAkj3ndzbZLGzVa9VDU_L0Gw
.socdm.com/ Name: SOC
Value: Y66vPcCo8XwAAGleYTsAAAAA
.bidswitch.net/ Name: tuuid
Value: 2d843f2c-c6f7-4311-a7de-e85a87b69e25
.bidswitch.net/ Name: c
Value: 1672392509
.simpli.fi/ Name: suid
Value: 31CB8A23053C483D935929F708821FAF
.ctnsnet.com/ Name: gid_CAESEIGxlitbmT_B4bSjDJJhWCI
Value: 1
.smaato.net/ Name: SCM
Value: fd6ddd27
.smaato.net/ Name: SCMg
Value: fd6ddd27
.yieldmo.com/ Name: yieldmo_id
Value: gb77fc058829a78350f5%7C1672392510040%7C0%7C
.bidswitch.net/ Name: tuuid_lu
Value: 1672392510
.adpushup.com/ Name: ap_uid
Value: 5266c360-8824-11ed-a733-6045bd1bcd2b
.adpushup.com/ Name: ap_usid
Value: 5266c361-8824-11ed-a733-6045bd1bcd2b
.w55c.net/ Name: wfivefivec
Value: FTKvaueN1PbbGK5
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 99480f46-7ced-4cc2-b2ef-40c0424042a4
.w55c.net/ Name: matchgoogle
Value: 5
.zemanta.com/ Name: zuid
Value: A3CP00ZoH4BL8AHZ-HOZ
.openx.net/ Name: i
Value: 99480f46-7ced-4cc2-b2ef-40c0424042a4|1672392511
.omnitagjs.com/ Name: ayl_visitor
Value: 15cf08c87a5198518a2cffb034761ff8
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwv966nQY4AUABSAEQv966nQYYAA..
.adnxs.com/ Name: uuid2
Value: 7886676477272632521
.teads.tv/ Name: tt_viewer
Value: e7786855-d752-46a3-a458-83693c2ee3fa
.rubiconproject.com/ Name: khaos
Value: LCABBKWB-Z-EMAK
.bg3.co/ Name: __gads
Value: ID=a59bb2fc236df86b-225483f710d900a8:T=1672392507:S=ALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1672392514.1.0.1672392514.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.530218868.1672392506
.bg3.co/ Name: __qca
Value: P0-1088104555-1672392513861
.blismedia.com/ Name: b
Value: 63AEAF43C5758B6F0857F2CABLIS
.w55c.net/ Name: matchcasale
Value: 5
.mathtag.com/ Name: mt_mop
Value: 4:1672392516
.adsrvr.org/ Name: TDID
Value: 7dcb16d6-9b28-4350-83ad-9d69d70817f1
.mookie1.com/ Name: id
Value: 10524630856467605591
.mookie1.com/ Name: mdata
Value: 1|10524630856467605591|1672392516072
.mookie1.com/ Name: ov
Value: 99887c4b94b6c9510fd96ecb0816a97a
.mathtag.com/ Name: uuid
Value: 319263ae-af44-4400-817a-36c11968c700
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y66vRAAH5LY5dAAp
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-81cb2fa0-9f57-443d-740b-c8e75ca44f3d.iWhT3Pzfwj%2BF2oJ0%2BQrTpDelYmRKHt0NC%2BjUP7rO2DQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgcsvoJ9XRD10C8jnXKRPPXRaSsQ.fzGoBk0vZQZkQoPgTMF69rjVDCOp%2B9m5%2FW4Ldkl5Xqk
.adform.net/ Name: uid
Value: 7720908349641310251
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227dcb16d6-9b28-4350-83ad-9d69d70817f1%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-30T09%3A28%3A36%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1672392516674
.tapad.com/ Name: TapAd_DID
Value: 55fe6a3e-3974-4bc6-9844-040055253860
.openx.net/ Name: pd
Value: v2|1672392516|jElYiuvOiahI
.doubleclick.net/ Name: DSID
Value: NO_DATA
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY3MjM5MjUxMSwib3BlbngiOjE2NzIzOTI1MTd9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.3lift.com/ Name: tluid
Value: 3161145728897016290893
.openx.net/ Name: univ_id
Value: 537072971|7dcb16d6-9b28-4350-83ad-9d69d70817f1|1672392517173846
.adkernel.com/ Name: ADKUID
Value: A256220992459480452
.media.net/ Name: visitor-id
Value: 3153941177443632000V10
.amazon-adsystem.com/ Name: ad-id
Value: A7SUd5T-xk_CkNaklUmLCyg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mookie1.com/ Name: syncdata_TAP
Value: 1
.ladsp.com/ Name: cr
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A256220992459480452
.ladsp.com/ Name: smn_uid
Value: W1Y01wRa7G_UM1OegtFRRQ8y0Yl5ABc
.ladsp.com/ Name: lum
Value: CNHR8pLWMBIFCAMQ0AU
.media.net/ Name: data-xu
Value: FTKvaueN1PbbGK5~~8
.media.net/ Name: data-mm
Value: 319263ae-af44-4400-817a-36c11968c700~~8
.media.net/ Name: data-a
Value: 7886676477272632521~~8
.bg3.co/ Name: cto_bundle
Value: FHezoV9zOGtIYmUwdE1Zb0RvVWZ5emwzQ0lia2xPUGlUaXp1cDgzbEdUSXFJbll6RTdhc2VQc3YyUXVFc2RaVU1DbU14UmxXJTJCQ2k3aW14bjhsS2NJVGJxZ2IyeERhbEtkd0N2WkdadHRQbUJObSUyRjAlM0Q
.bg3.co/ Name: cto_bidid
Value: Ts2CBF9HWFRadGpvYWlXSjdJV2RMT3BPTzZraVhuU2ZJJTJCMDBhWW9mOTdDOCUyQjJMeDhaY0ZURTl6NzF6WGJKUTVaQzZWWWU4NDFxS0RVZHElMkZteG5OWDZKY1JiQSUzRCUzRA
.media.net/ Name: data-o
Value: 82c85980-7e6a-49d5-8b76-f6469488e385~~8
.turn.com/ Name: uid
Value: 4044007509491951027
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.a-mo.net/ Name: amuid2
Value: ab05a955-391b-459a-b965-dadd9b411dff
.prebid.a-mo.net/ Name: sd_amuid2
Value: ab05a955-391b-459a-b965-dadd9b411dff
.criteo.com/ Name: uid
Value: bac0fb1c-b88f-43a6-9270-f1c3fe4ba1e9
.linkedin.com/ Name: li_sugr
Value: 723866c1-c120-491c-a1f3-0cc31e8d572f
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&edb069d1-b431-4f4a-824c-a3ca83a470e1"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2403:u=1:x=1:i=1672392517:t=1672478917:v=2:sig=AQFeoJx7YN4oHtXCh9ctYc39lFpUVyNF"
.rlcdn.com/ Name: rlas3
Value: MSqZcW3Ch2J+cd0Ol3olqzO33jMcgHaETx86bVbHccc=
.bing.com/ Name: MUID
Value: 2802D9B4658B6E0601D0CB3E641A6F43
.c.bing.com/ Name: MR
Value: 0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.servenobid.com/ Name: pid_337
Value: y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
.media.net/ Name: data-c
Value: bac0fb1c-b88f-43a6-9270-f1c3fe4ba1e9~~1
.media.net/ Name: data-c-ts
Value: 1672392518
.servenobid.com/ Name: pid_312
Value: 7886676477272632521
.agkn.com/ Name: ab
Value: 0001%3ADjzdiA8NDifsIgMvZ4fwrEkOmVMt6Cax
.bidr.io/ Name: bitoIsSecure
Value: ok
.rlcdn.com/ Name: pxrc
Value: CAA=
.gumgum.com/ Name: vst
Value: a_85683235-54c4-4a40-ba9a-7d1558b3bb21
.lijit.com/ Name: ljt_reader
Value: F5t4CLZHazrZKzetQMCLBzQQ
.media.net/ Name: data-g
Value: CAESEFsz2aA5Hy2F98Yr3d5CGSw~~8
.sportradarserving.com/ Name: zuuid
Value: e43d13f1-0e7c-4f22-8ca6-a3a7983a039f
.sportradarserving.com/ Name: c
Value: 1672392518
.mookie1.com/ Name: syncdata_NEU
Value: 1
.bidr.io/ Name: bito
Value: AAKZ3U7HXV8AACBhxMcsag
.smartadserver.com/ Name: pid
Value: 1363465109712402442
.bluekai.com/ Name: bku
Value: ikG99WSFgZw90m/S
.bluekai.com/ Name: bkpa
Value: KJyLpDNFGp9xQma4y2btctmV2kv+11ReegjewchTqGxQq5x6URU66wlN36i8FTdKhdPTUH8OwnIXdMTKl7JHqJIKInBvj4mSPd0pXFpMLC0mkfzdNIF4BHa89MGOFU2KFXdpyfdkRpo4oT48X01OdqDrkdUfwYKQ2bKF8U6bJ3e7bUESEdwfpxk2u/H0W3GbPPEPRXiiteGslsu3Xl6fh/SzfxmsSnpM1BSBD1fhs9xopHcqPn8RhyHKGrNEHaeu1xtqqUBlMqz2aaS/yq+r3nzqiDftrjP+RXSr5DPCtgxLxQsbnX+LtvWlRqO2WN0qO4+nLjKO/Yw+m3GLBsUPLqoatWU0EQTRZxo73YoOa5S1Z/v3nx2GV56IZhQoBlEdsX/uYnloLnh8fgOkLoRe8kckdVbcI4XO9nwK5Rx=
.media.net/ Name: data-ttd
Value: 7dcb16d6-9b28-4350-83ad-9d69d70817f1~~1
.company-target.com/ Name: tuuid
Value: 38891fe1-b719-4719-b0a1-3a8095632825
.company-target.com/ Name: tuuid_lu
Value: 1672392518
.minutemedia-prebid.com/ Name: wrvUserID
Value: pTqpm7Wtk_mm
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.servenobid.com/ Name: pid_339
Value: y-PgbbzPhE2uHH1DKjDILKd8DgoPIM2QdBMiluILk-~A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BAFAFA94-2987-426A-BDDA-078E10D1623E
.pubmatic.com/ Name: pi
Value: 159463:2
.pubmatic.com/ Name: DPSync3
Value: 1673568000%3A201_245_226%7C1672963200%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1673654400%3A35%7C1673568000%3A247_13_107_176_233_179_204_99_71_254_238_21_214_5_234_220_3_56_96_209_54_22_8_7_165%7C1672963200%3A2_15_223%7C1673222400%3A63
.servenobid.com/ Name: pid_317
Value: 6691594450986858750
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~294x:175w~294x:196n~294x:198o~294x:194o~294x"
.servenobid.com/ Name: pid_333
Value: Y66vPTF3RFEf8C0cBH4YgwAAEn8AAAAB
.mookie1.com/ Name: syncdata_IOW
Value: 1
.media.net/ Name: data-bs
Value: 2d843f2c-c6f7-4311-a7de-e85a87b69e25~~1
.sportradarserving.com/ Name: zuuid_lu
Value: 1672392519
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1672392519
.quantserve.com/ Name: d
Value: EGkBGwH3J4EO-TC_vLEM-7EA
.w55c.net/ Name: matchpubmatic
Value: 5
.servenobid.com/ Name: pid_310
Value: F5t4CLZHazrZKzetQMCLBzQQ
.servenobid.com/ Name: pid_318
Value: 9heGVDN4Jc_TDtjtPFTDx3NOkwgWifAi8yoTA5hz0qM
.onetag-sys.com/ Name: OTP
Value: 3hvSVMQJM7tqCzsxc75NYsTd_Vqf5qFm0UTcKZNaT-w
.media.net/ Name: data-pba
Value: BAFAFA94-2987-426A-BDDA-078E10D1623E~~8
.adotmob.com/ Name: uid
Value: 088d220419e5af4f8c86fa28
.adotmob.com/ Name: uuid
Value: 088d220419e5af4f8c86fa28
.adotmob.com/ Name: partners
Value: IX%3A1672392519392
.media.net/ Name: data-r
Value: LCABBKWB-Z-EMAK~~1
.casalemedia.com/ Name: CMTS
Value: 5326
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIGpuWeDa6MkHXrd8oPN4aCnBK31KCfKS485SJ1yvI9HCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.contextweb.com/ Name: V
Value: Zy4mgODCQ0qo
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1i2s|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ac8c19898681a777
.mfadsrvr.com/ Name: tuuid
Value: d4f65e1b-7a32-4d9a-b16a-f123d928901b
.mfadsrvr.com/ Name: c
Value: 1672392519
.mfadsrvr.com/ Name: tuuid_lu
Value: 1672392519
.ctnsnet.com/ Name: cid
Value: 82c4cccaf3c64d5281191756283b3b7b
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-06b2d434-da93-4867-903e-6567c80fe655-004%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: a8nvJOw5EGjAaINQeAsIwD95UBZcIVoNvmlvraUUbnWiMGPK1M7b9c1nkeSJTGfMl9uENmrnIBLf1KEFES69DlecxIU1o1PWZcEmSiGFOjBa2ajH3Gjry7OHZcY
.csync.loopme.me/ Name: viewer_token
Value: 9c94ae68-1c78-447a-b97f-29185b8a2166
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI9L7nqMiUtTsQBRIWCgdzdng5dDUwEgsI1OPTtciUtTsQBRIWCgdydWJpY29uEgsI1LqIuciUtTsQBRIUCgV0YXBhZBILCM7m8sjIlLU7EAUYASABKAIyCwjO3vX13pS1OxAFOAFaBXRhcGFkYAI.

22 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202212/84a2feeecad00b4f77b220b141e94fee.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/04679f71a5353d471fb2734b26d5792d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/00dacf9427a79118b0900c317d7533b8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202201/69f1e4d67d339210f2922970df98cc21.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/807ef53126bfcc5e50ff2d76c4221470.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202211/3f30a3eb59bbeec3fe7ed56b7443060a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/4fd3b0481bf134ee0efc6bfab4d5200f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202212/7c7357a333b3f9af3501219a3201f7bd.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202212/03b5fefa9e62d6c791c8f34e44aba2af.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202109/fc3df509db50a7c8975b2abd587531bc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1644dadde6b663f31eb9ff5268aed6ff.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202206/996a8d1569ad1df7b88e319a777a8846.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/65541b633735c6c0368a583b2282cc14.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/3ea4b6a59c8ba3059fb50f2cd8c0cb9f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202212/0aa0fdc11c230d5d54f347d2852681ad.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672392508&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2023nian-na-xie-sai-shi-zhi-de-wo-men-qi-dai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392505685&bpp=12&bdt=801&idt=2507&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&cookie=ID%3Da59bb2fc236df86b-225483f710d900a8%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYxPLkVcOBW1E9-4zlWa09jyzL2TA&gpic=UID%3D00000b9a8586a5c4%3AT%3D1672392507%3ART%3D1672392507%3AS%3DALNI_MYClQhUrL9jA0iwwwEyHHrrT_FE7A&correlator=4854653267089&frm=23&ife=1&pv=2&ga_vid=266432245.1672392508&ga_sid=1672392508&ga_hid=1739263336&ga_fc=0&ga_cid=amp-JbCM8S2p4s8WEXQP6F_HBA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4131702729&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071276%2C44779794%2C44780792&oid=2&pvsid=3742373109198497&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gvlrgynhd490&fsb=1&dtd=2522
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520749&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392511519&bpp=4&bdt=540&idt=410&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=7893217242726&frm=8&ife=1&pv=2&ga_vid=1872464899.1672392512&ga_sid=1672392512&ga_hid=1137247931&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166%2C31070202%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1047411241418837&tmod=1318328584&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.bl1gmrhpzn7f&fsb=1&dtd=426
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093737&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672392511523&bpp=1&bdt=544&idt=432&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7893217242726&frm=8&ife=1&pv=1&ga_vid=1872464899.1672392512&ga_sid=1672392512&ga_hid=1137247931&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166%2C31070202%2C31071220%2C44779793%2C44780792&oid=2&pvsid=1047411241418837&tmod=1318328584&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.oqzlz24tu6ic&fsb=1&dtd=437
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EvMjAyM25pYW4tbmEteGllLXNhaS1zaGktemhpLWRlLXdvLW1lbi1xaS1kYWkuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FTKvaueN1PbbGK5
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f075bb0e200f94515b6bd4c2ffbbb78.safeframe.googlesyndication.com
9fb94f345e7c082e57f78cb003f3d3b0.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a5317.casalemedia.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
ap.lijit.com
b1sync.zemanta.com
b42aaf6a07e9ee7ac6737a1c2d04fe62.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
csync.loopme.me
d-22684713342858665507.ampproject.net
d.adroll.com
d2849lw36e7cot.cloudfront.net
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gdn.socdm.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.ad-stir.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
y.one.impact-ad.jp
ad.360yield.com
ads.servenobid.com
cm-supply-web.gammaplatform.com
cm.adform.net
cs.admanmedia.com
cs.iqzone.com
dsum-sec.casalemedia.com
gocm.c.appier.net
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
prebid-server.rubiconproject.com
pubmatic-match.dotomi.com
simage2.pubmatic.com
sync.1rx.io
sync.go.sonobi.com
sync.outbrain.com
u.openx.net
x.bidswitch.net
103.229.10.247
103.229.206.241
103.231.98.194
103.231.98.196
103.231.98.197
104.17.24.14
104.18.25.173
104.18.33.19
104.254.151.60
107.178.244.193
119.9.108.180
124.146.215.50
129.80.94.115
13.107.42.14
13.112.54.241
13.113.27.164
13.113.72.46
13.251.111.79
13.251.231.199
13.33.33.118
13.33.33.127
13.33.88.107
13.33.88.40
13.33.88.71
13.76.45.37
139.5.84.243
139.5.86.127
139.99.49.250
142.250.4.154
142.250.4.157
142.250.4.94
142.250.4.97
142.251.10.132
142.251.10.157
142.251.12.156
142.251.12.94
142.251.12.99
145.40.88.5
151.101.130.49
151.101.65.229
152.199.39.108
162.19.138.117
169.197.150.8
172.217.194.156
172.64.151.162
172.64.154.237
172.67.71.254
172.67.72.16
174.137.133.49
18.138.18.111
18.138.91.242
18.140.14.246
18.140.36.219
18.155.68.53
18.155.70.32
18.176.5.180
18.179.187.167
18.180.33.210
18.65.39.15
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.31.28.198
184.31.28.212
184.50.20.24
185.183.112.148
185.184.8.90
185.84.60.30
195.5.165.20
198.8.71.131
20.127.253.7
202.241.208.4
203.195.121.142
204.79.197.200
209.191.163.208
209.191.163.210
209.54.182.161
209.58.188.181
220.150.223.50
23.106.127.38
23.106.127.52
23.106.127.53
23.207.185.68
23.44.27.86
23.50.118.44
23.50.119.72
3.0.14.222
3.127.206.75
3.233.146.44
3.33.220.150
34.107.148.139
34.193.12.44
34.83.125.63
34.95.69.49
34.96.105.8
34.96.71.22
34.98.64.218
35.174.148.180
35.174.181.179
35.186.193.173
35.190.60.146
35.213.109.249
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.227.202.26
35.244.159.8
35.71.178.8
35.74.106.211
42.99.140.144
42.99.140.200
46.137.233.19
50.116.239.135
52.74.118.249
52.74.13.196
52.76.217.175
52.95.118.179
54.154.5.50
54.209.56.33
54.69.44.22
64.120.88.131
64.74.236.127
67.199.150.85
67.199.150.86
67.202.105.22
69.16.175.42
69.173.144.139
69.173.158.64
69.173.158.65
74.118.186.45
74.125.24.132
74.125.24.154
74.125.24.156
74.125.24.95
74.125.68.101
74.125.68.154
74.214.196.131
8.2.110.134
8.43.72.97
80.77.87.163
84.17.37.44
000caedef0ae798a564669089a3e54a5ea6aacc08d4a3f08da400128bbd1bcaf
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01d8c417d836b59777b1808fa9d8b91e510044284efb86681fbe72d14f79f0bf
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
03c3a154afa6115b410d38b8d1b3f845ba143e73f0a14ff87e0a06bf4e7daa9b
03e6eea86f4b1b3d4b201bf65fdc934dbdf58ef3a0cbd691120ad95b8cc3f4cf
0419ff85ff7d8b7c3cb2871e70a7dcc244a70f75bf52cd97686388eb5a547ba0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a46e89e7d29cfda66c551f121a219b17e00e7cb48a29ba291c29d6ea9779408
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9d0c6d02bb1fb859faa94cea216ca72714c776865d9c735cc93df5aafae3f1
0b9f23e5756cae289fe5cba515bb0b0b822452eae958bb986a9417dc694bedd9
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49
0dedd68065a53fa6a335ef3692f1c0a13cdd96159b60bc9fc03dc99822dca07c
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
1044d391e0a5f737fb31aac022baa383dc3b166b5224adbb59009c8da7c82bf8
11475796970cdcb6865f665aa75f08abed5210055911d0ab4d9b02757df2e27e
14963a4e83ce89d71389d35d252f9cc75400c281b783bc63bb6af8fbf88d6950
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
168bf9b21d696d9e6e03bb069093d46b95e38d78645d1ae9b492b54dabec0597
17ad2ba9644dc2e2245219e384abf35638308374aad83151d64b9af2cd0d7e7d
17bda91f3d4a1e42de95609789f76c68a0f5098f6a498a499d71a9dc11a14b7a
18071e0dceff5f97d6fe9b82ad8f347a1ffe89e2c2b6ecd1d66b4d7194ac383e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1ddaede6386d419531afbca8ca32f35d9147d29bbde13d6500052dd257439bfd
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1ff10f8f5b12e998c22541bc3b25d4df17071595e616b454934c455783b874bc
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
23e42c8df94701ca3a16ce7b645759754a5a50dc4c571fd554dbc4c94126ebf3
2400797e6cdc3aa0e87ecfcf346be3ddf2179ec973448a82a260c562061a7c0a
2591854729275112dd7f2b4c4a9cca06df274a4248d5d9cb9b7aba68f9351e70
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2913a73ad1e6b89e0212ff60ec04cfda51e6a837a6cdd0c05ba531c3d8dfdaaf
2a4e6c69cc39d554eefc3ea0a07c0c4895f24efed7e6863774d985d7c8b1cb5e
2aa74208a4f4d05458016ed3889e54c115501643a7f11016e3b17ad96a488e17
2aeaeef400d5a4f40e60bd080ee0fe9dce537a5381b62d9371946dd056d66776
2e2a16d7b601d37237194f63c308549ef01b7cce55a421bfd0074b43d7619391
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321b3e630cd5162192ca9753f956dda11f61aba3f45c8265d4604e41257c60a7
34a61bea7b2e652683aa0fa36f75f6952ddcfd011af0a391fb9343dfdfddd43c
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
376b9a21cd2e1dfcd781cb7aa717914f69a65b113839cd116436e98939bf4ee8
37f6ae60595a0d47a07f29de8025c7f9023ede6b23230df0af72a9698c7ca849
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
3895941be098198e344eb6868c64f269b537129e505ddaaefa16e6e003c4327e
3bd3fb9f25b8c4b6741c0430c375f4b4b14f9a0c03779ac6bd228cea036f04e3
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3deaf0ec138de1c006d3f0800bfcd4f73884482a843d8ff5656210a44216a953
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbe444d1f4e3b13e9fd14f21af01e40d5d060335e5f76992b17f918ee4c1d6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408706d02527a6dcdeaa97b34de8ef0e4e884f881d47d0799924c6b033b591f5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442048a0e9bba6bbebf1778d2c99cf486c6ed737303ea69d2ce0f3b52a50c8cc
4609998b5d9cf8aa5ece8e1de7e17d85aaccc5f36a385d35512f4fa01f2f0beb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f85bda31018208bf8a639dfaa5a2720a7190ea62dab4dfaaf4c1708c244e89
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48aa7991ecc2ee28d3153d5fee2e109711487d2edb5616e24f3195621caff2cf
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
4de0c0773c7c6afca4ef3fe89c78a65c055e4a01432ffccaa5df2190a902a715
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
519667b8e13dd324ad433effde7844624c16185a456f6f424f244802d629e4c4
52bec2060b214433df2f44f9a6355eadbf21b7a36e2987c00b7b96c3b72caefb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568f4728ef82c64a5b4ccd6565aee3fac824d4b22da2b25fc346b9735d4b8dd4
59efc8772fcf7a6b28fe052066be54bef31f9c186bfa6580b4e0549c80252954
5b0570558c1b63c5569392865cad79234d882182c6b8c7da8e4abfe09ac6c7b8
5d3b77437c3158339d2e8cf60038beee5edfc2eba341e4b405f806a7d8db68aa
5dbd18add5d2b0f498b6927484a6a31903a170d91aab74a7c15f79209be9bf8a
605dd6345d41bd062385a3168ec71dac45bedf26b0962376e1a72d9de7f02702
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
611001c8dbef57b65ebd6f7c6ac7f112f20a217a0ab68def2268d4afc945b2a1
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d63d999add09579786354f515ea6d984d4dd741c5ad004f531c51f7554a012
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67ad5d1cae6d7b82fe6ba4008533dd6cf753d57af7cfc5d2a0aae08de058756d
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b8862dc9f13243471e6dd36bbd7a276923489380c582a4076cf2e8619cdf8ba
6ca82b761e577303f6149a1614f9a51d1cbd2b0dd78931fa4201c878c492dc4d
6cfe39c74341b5455de08039c07530b334ed13cefb147aad4be52441dfd66f4f
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f6bffd21ca2ebe90d8a49749b2945398116dcdc46ded782f854cd1365811d44
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74a728f3606e8e792cd0959126c33a0d15aa2c047e20efc083aecf408ee16fce
74bd7c501477c1d9373372ecf4dcbf66acb3b40c810fb46edef437d9b98399bf
7815887f3bf038d92dcbb3ae1455da4417c3365dce5045316972ba448a098b1c
7b803ad1dd4b7e46b45dfa6f3cdf42053ae31b0ca7e1ed7cc71ed2d098324ebd
8237b57b351f0f3e002af54d1a14670227c1f9c4a32e7d7c34401311c9223a84
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87e708d4895549290624cdda1268bba48ae78ab289a955f39b2adf8d54fdf5fc
889c8dd97d82a778b37300d54b338cd093040b2aacc208df8b2c4f5896bde98e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8bb4dcd53084c57f432aa2286091df8ce527a30e35411f8b4c6af9819627e4ba
8c4591f30d7246bfd1500c5cf596cfea1655e616493cda06332b14f8fa858e34
8c534949d07c05af442bba919bb35513a754a1fe8ecefc32aece8067477a2217
8d638f4a7b704254ef2b7a8abe5a04eb2ca104e6b0fe61e643cc97a351cfe6e3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9300b5131fa1e8c938b2a9d8e2a26f9dfba67370ffe110c56e9f8c8fe9e9b96d
93b2423dc949960987fdf61c1b7211965585300e8aa9625460f8d8e97e30ed58
9518056a696e02b2ddcb4188203bac553418591c6016fab7151f5e3fb3cb161b
97c8f33907af175766e0e886a67b5677958e66077e9218bee2a3c11d6b8b8a06
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc4fb8670a897c9709587ea772bad70c4ef634e45e247be4582ce3c442e4eae
9cc461ea39786f400d7b380f9d0b96c228e4135b85ca90a1b5f12fafab342d8a
9d505b15037ec2ceb81a50b2751823257fef912bd6a93856316cc9b23bdea8e2
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e41acae3b9dbcfc0aa7551c2f6a26da03a1b622e9c69868171d7378565881c4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a19340e80c40e3fbf64fd9547f94d8c354cf34d3d151fdda46caa6abca847fad
a1e52980bf76d3ffcfa2ba699b8081567c3beb7f76960a18bd57885635cda72c
a259d0634006b70fbad42415a0d78c2abd4cc9c1407801734b030fa53c228b9f
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4254e34fdb8bc7e2457d6f77b8be5a9f2476ac6489fc4bea1c8be964696270f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a516a10c04cc6af4b6e7bdbd553cc303c6b9ad296053cca91ae848ca920edfde
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
a6ceb75a24dbdacd2ec2ba6e7334aab8eb2e0620cb2bb31eb35e36c2209a76d4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7f98c59ab2c47e847e5b2b94c0b797e447fe2e2e05fb327db83d88deb88a4da
a8878aa26259f8131ab94f61451f59cc0e240f7d45fd5b31a8d988050bdb1f9c
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ad1d00d4ac69a44594354178d8f79b0d28a7ee251b355a4804a803fef49d5d77
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27eee9973b430ad5c1a2036da6ec0baca4b5a136c0f73cc5633c2ca62e72034
b2b9ce5a36ccba3ece4734fdb725fe8e855e5d68d70c099f6d0b3d4a0670d05b
b5515b6dfb2178843273ccdf6a3b10dfe174803c893c35f145f5f003ede65675
b617bc9ceaab7237f5bd5ba65289364afa6748add50a21e94795178754595d92
ba781625da0631fa1bc4cfce1011441847c9ab9780578d025c40c9d05a70db13
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
bc32880b79418d26e0086d338a2c349a23190a91d9511a9bbc5e2e1cdbc19dea
bc8d3d86e78b202a5ef30d5ea26da6e86191717fed70b71081bea967bd4e0349
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87
c709ea195bac6707f0c4dbb252bbb55b3d125cc08c6d534ba846d7e91699b5e5
c7a9ac5d12f027d56bb5300f3d9d977aa6e98f4b0f63920e37a79d4a1a622ab8
c8c525c55cf82a2b7abf6fbfb179c7b8c21f0ae7efef5ddc53372422440444ee
ca7afd434acdde7c05ee72923d5c806c32b95a42e3209283e0b30adb87384db6
cb24b002fd729a15ba07ff30219340568a49fa75df633c66763b6292db7e8289
cd574b9c19e9e70a5444bfcecaa9d52e74fc96030a46fb685cd48ab160984ded
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22d20359a1bd2eedcc24894c0af70b70e9cb4afae92b519b1d4447f1a478094
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d890adb2cee66d5527d37756a7c31451767903ffcc0f7063cb923043db885c25
d8f0f698caefe3d120c885d688095fd472746cead805b5a688fac21312f82bd2
d9e90811c7cc99535eb1731c2d056f64db946e0b9588d1b3c49c8d0ab2e21e66
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db49cd0a9525be37293bbec39406b757d336b4c995b121ab09494a39407721aa
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e01036e9c78592783e0e017aed0548c58bb66d33b7d908556da46cc847c5bf7e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f3a8fda8c3ab97126b67119cadf99e6d13e1475a751cae14aad0afc103578
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ed7ee241e2ed96eedfb2935a39ca60c8b705129b7e8d0f7907577bd50415ff
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f50bace322ad73b823033c501d4cf1f7a977785dd04626fd7cee78cd1571069f
f5d0c763967dc8b98f8d986708451b127d638e27a801f2e5e6969e9f0a9cffb5
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e